Global Fraud and Cyber-Security Incidents on the Rise, Kroll Finds

Risk solution provider Kroll released the 10th annual edition of its Global Fraud and Risk Report on Jan. 22, revealing insights into the current state of cyber-security and fraud risks. The 47-page report is based on responses from 540 senior executives who work in different industries around the world. Among the high-level findings in the report is that incidents of fraud were up in 2017. Eighty-four percent of respondents said their organizations were victims of fraud last year, up from 82 percent in the 2016 report. And for the first time in the 10-year history of the report, information theft was identified as the top fraud attack. In this slide show, eWEEK looks at some of the highlights of the Kroll Annual Global Fraud and Risk report.

Eighty-four percent of respondents said their organization was the victim of at least one instance of fraud in 2017, up from 82 percent in 2016.

Incidences of fraud and cyber-security incidents vary by industry. The financial services industry had the highest reported level for fraud, at 91 percent.

Seventy-seven percent of organizations reported that fraud-related losses were 6 percent or less of their company’s revenues.

For the first time in the 10-year history of the report, information theft was identified as the top fraud attack at 29 percent, up from 24 percent in the 2016 report.

Organizations suffered multiple types of cyber-incidents in 2017, with virus and worm infestation being the top category at 36 percent. One of the fastest growing attacks is email-based phishing attacks, which were reported by 33 percent of respondents, up from 26 percent in 2016.

There were multiple ways in which organizations were attacked in 2017. The leading cause, cited by 25 percent of respondents, was a software vulnerability, of which attackers to advantage.

Of the organizations that suffered a cyber-incident in 2017, 34 percent attributed the attack to a “random cyber-criminal,” while 28 percent identified ex-employees as the key perpetrators.