THE BLOG
11/22/2016 03:01 pm ET Updated Dec 06, 2017

Top Targeted Industries for Cyber Fraud

2016-11-15-1479196524-5030703-cybrefraude_opt.jpg
Image Credit

In the physical world, criminals are more likely to target a facility that will give them a suitable reward for the risks they are taking. The same is true for the digital world. Cyber criminals are drawn to industries that give them the greatest potential to realize some value for their hacking efforts.

The common thread that runs through the industries that are most targeted for cyber fraud is that they are more likely to transact business with repeat or regular customers, giving them greater access to their customers' personal information. Industries that have adopted loyalty programs are particularly vulnerable, and loyalty point theft has grown into a significant cyber fraud problem.

Below are the top targeted industries for cyber fraud.

  • Banks and Financial Services Companies
The Society for Worldwide Interbank Financial Telecommunication ("SWIFT") issued a warning of the high risks that banks face for cyber fraud problems following an $81 million theft from a Bangladesh central bank account at the New York Federal Reserve bank earlier in 2016.

SWIFT provides a global messaging platform that is used by 11,000 financial institutions around the world. Banking assets and the large volume of personal information regarding depositors will keep banks at the top of the cyber fraud target list for the near and distant future.

  • Healthcare

The healthcare industry accounts for one-sixth of all economic activity n the United States. The U.S Department of Health and Human Services has estimated that the personal information of at least half of all United States citizens has been compromised by cyber fraud in the health care industry, and healthcare remains the number one target for cyber fraud activity. Health care records include extremely valuable personal information, including social security numbers, insurance IDs, and credit card and other payment information.

On the black market, medical records are often an order of magnitude more valuable than just credit card records alone. Industry efforts and new regulations have established higher standards for protection of health care records, but those standards have not yet produced measurable results.

  • Transportation

Airlines were an early adopter of loyalty point programs, and frequent fliers have long enjoyed the extra benefits given to travelers who do repeat business with the same carrier. The transportation industry will continue to be a growing target as more of its operations are transitioned into digital environments.

Travelers generally pay less attention to airline loyalty points than they do to credit cards and bank accounts, making loyalty programs even more attractive to cybercriminals.

  • Manufacturing

The complexity of large manufacturing operations creates many weak links that leave them vulnerable to cyber fraud attacks. In early 2016, for example, the Austrian airline parts supplier, FACC, reported that it had lost more than €50 million in a cyber attack involving communication and information technologies.

In many cases, the attacks on manufacturing companies are simple: busy manufacturing employees receive requests from sources that appear to be legitimate to transfer funds in payment for materials or services. Better employee training may alleviate this problem.

  • Retailers

Retailing is rising on the list of industries of likely cyber fraud targets. Retailers' implementation of loyalty programs and the volume of information that they collect and retain about customers create a strong motivation for cyber criminals to attack retailers' information systems networks.

Companies that operate within these targeted industry sectors are focusing on better employee education and on implementing next-generation loyalty point theft solutions to control and limit the damage from cyber fraud.

Those solutions provide subscription SaaS programs and other customizable tools and techniques to help organizations detect a cyber fraud incursion before significant damage occurs. These solutions are the current industry-best response to a problem that shows no sign going away any time soon.