Cyber crime, bribery and corruption are on the rise as corporate UK seeks to raise its defences against the fraudsters, writes James Dean
Kofi Annan once said: “Corruption is an insidious plague. It undermines democracy and the rule of law, leads to violations of human rights, distorts markets, erodes the quality of life, and allows organised crime, terrorism and other threats to human security to flourish. This evil phenomenon is found in all countries big and small, rich and poor.”
The then United Nations secretary-general was speaking 11 years ago on the day the UN adopted its convention against corruption. The convention gave impetus to a wave of anti-corruption legislation across UN member states, such as the recent Bribery Act in the UK. The UK and the United States, with its fierce Foreign Corrupt Practices Act, are the two nations leading the way in the fight against corruption at home and abroad. And the agencies that enforce these laws are enjoying something of a renaissance at present, with the US Department of Justice in particular enjoying a string of successful prosecutions.
Bribery and corruption are as old as mankind. The man on the street understands what they are and what effects they have. Such is our comfort with these concepts that the tale of corruption at Enron, the American energy company, can be made into a musical that plays on Broadway and in the West End.
Cyber crime is, though, a very different matter. Highly intelligent individuals, let alone the average man, have been left fumbling in the wake of the advances in information technology of the last two decades. The vast majority of us simply do not understand how information is being obtained, stored and disseminated in the modern world.
CELEBRITY PHONE HACKING
Sometimes these issues hit the headlines, such as the recent news that more than 100 female celebrities had hundreds of intimate photos stolen from their private online accounts. Events like these prompt people to take action – in this case, to take far greater care to protect their cloud computing accounts with stronger passwords or, perhaps, not to take nude selfies on smartphones.
The women affected by this gross breach of privacy had, it appeared, very little understanding of the technology they were using and how it might be compromised. An even darker side to the story was that the hackers had apparently gone completely undetected as they took what they wanted from the women’s accounts for many years.
Lessons learnt from episodes such as these apply to businesses as much as they do to individuals. It appears that many companies are beginning to act with greater urgency.
The “big four” accountancy firms are somewhat a bellwether for the corporate community. Different practices within these professional services firms grow and shrink depending on the services required of them from their corporate customers. Within the last year, all four have drastically grown the size of their cyber security practices. EY, for example, said that it would double the size of its practice.
Some recent huge hacks have added to the sense of urgency about shoring up corporate cyber defences
Some recent huge hacks have added to the sense of urgency about shoring up corporate cyber defences. In the largest known leak of personal information, hackers stole 152 million records from 38 million customers of Adobe, the software company, including credit card details, passwords and user names. eBay, the online marketplace, admitted earlier this year that 145 million customer records had been stolen by hackers. According to Risk Based Security, an information security firm, 822 million personal records were exposed in more than 2,100 attacks globally in 2013.
The fear among businesses of hacking attacks is perhaps the reason that nearly half of all companies believe their cyber security risk has increased in the last year, according to the 2014 Global Economic Crime Survey by PwC. This proportion is up from 39 per cent last year. According to PwC’s report, one in four companies suffered a cyber attack in the last year and about one in ten of these attacks caused financial losses of more than $1 million.
Of course, cyber crime is not the only threat to companies and, although incidences continue to rise, it is the fourth most common type of fraud reported by companies, according to the survey. Bribery and corruption is the third most common category, reported by 27 per cent. Bribery and corruption, too, are on an upward trend, with 13 per cent more reports in the last year.
The second most common type of fraud was procurement fraud, reported by 29 per cent of respondents to the survey. Asset misappropriation, reported by nearly seven in ten, was the most common of all categories.
In all, more than a third of those surveyed by PwC – 37 per cent – said that they had fallen victim to economic crime in the past year, a rise from the previous year and the year before that. The statistics suggest that, new or old, fraud continues to pervade many corners of corporate life.