Banks are obscuring the true amount of money lost to cyber fraudsters preferring to write off cyber incidents as losses, according to the City of London Police.
Banks assess the losses sustained from customers leaving, because of security fears, greater than covering the cost of cyber crime.
Speaking at a TechUK conference Adrian Leppard, commissioner of City of London Police, said cyber criminals are stealing more money online – but banks are not reporting the full extent of the theft.
He said only one in five cyber crimes is reported. Of those, only another one in five provoke a proper response from law enforcement agencies.
Leppard said the low reporting rates resulted from banks writing off cyber fraud as operating costs.
This echoes claims made to a Treasury select committee in November 2014 by University of Cambridge researcher Richard Clayton.
Read more about cyber attacks on banks
- It will take a major global company going down in the wake of a cyber attack to really shake up information security, according to City of London Police commissioner Adrian Leppard.
- EC3 and AnubisNetworks will exchange expertise, statistics and other strategic information under a memorandum of understanding (MoU).
- There was a 48% rise in the amount of money stolen from UK online bankers in 2014 as criminals pilfered more than £60m through a total of 53,192 incidents, according to figures from Financial Fraud Action UK (FFA).
Cyber thieves steal twice amount reported
Clayton – a senior researcher in security economics at the University of Cambridge – told that the Treasury select committee that the real sums stolen from customers' accounts is twice as much as the amount reported, because banks often recover losses without reporting them.
Speaking at a meeting about finance firms' treatment of customers, Clayton said: “Insiders tell me the going rate is about twice the amount of money reported by banks goes walkies out of people’s accounts.” Banks keep this figure secret because a lot of it is recovered, he added.
One senior security professional in the banking sector said it is not just the public that are kept in the dark: “It is not something the banks share internally either. Even reasonably senior level IT staff I don't even hear about the incidents banks suffer. I have seen the same happening for years as the banks fear they will lose customer confidence and it could make an unknown impact on the economy."
Online fraud losses rocket in 2014
According to recent figures from Financial Fraud Action UK (FFA), there was a 48% rise in the amount of money stolen from UK online bankers last year compared to 2013. Criminals pilfered more than £60m through a total of 53,192 incidents,
Online fraud losses showed a downward trend in 2010 and 2011, but rose in the three years since, with the £20m increase in 2014 dwarfing the £1.3m and £4.2m rises in the previous two years. The 2014 figure is almost the same as in 2009, when £59.7m was stolen, but there are many more people banking online now than in 2009.