NCA report: Financial Trojans & Organised Crime

Once a fringe issue, cybercrime has become a key threat to businesses and individuals alike, and is central to UK law-enforcement strategy.

This week the UK’s National Crime Agency (NCA), which tackles organised crime affecting the UK, published its annual National Strategic Assessment. The report presents a worrying view of the rise and impact of organised crime in the UK, with the agency itself claiming to be underfunded to deal with it effectively. Here we outline some of the headline findings:

Cyber-enabled fraud is big business

Although the report distinguishes economic crime from cybercrime, the consequences are often the same – fraud. Financial losses from fraud increased by a staggering 32 per cent in six months in 2018, and cyber-enabled fraud continues to be big business. The NCA describes “Mandate Fraud”, where fraudsters obtain details of direct debits, standing orders or account transfer details in order to change them and divert the funds to their own accounts. This type of fraud, which can be enabled by email communications, is now the type with the highest reported losses in the private sector (GBP 46m in six months), and the third highest reported losses by individuals (GBP 38 million in the same time-frame).

Simple cyber-security measures can go a long way

The report notes how social engineering – which tricks people into handing over their details – is more prevalent than ever. Cyber-enabled fraud allows perpetrators to commit their crimes from almost anywhere in the world and target the UK, with funds often being transferred overseas.  Unfortunately, defences against attacks are often weak. Over the past year, MDR Cyber has seen several instances of high-value frauds being executed, usually through poor configuration of simple security measures applied to cloud email services. Simple cyber security measures, particularly use of two-factor authentication, can help to prevent these kinds of scams.

Ransomware is steady but businesses now more at risk

Ransomware, which blocks access to files and holds them to ransom, is still an issue, although the number of attacks remains steady since 2017. Traditionally these attacks targeted individuals, but increasingly there has been a shift in tactics by attackers towards “enterprise” ransomware attacks. These focus on organisations with systems that are critical to operations, and therefore present a more valuable extortion target. Although they have not paid a ransom, the Norwegian firm Norsk Hydro were targeted by ransomware earlier in the year and sustained 41m USD of costs on mitigating operations which were severely affected.

The NCA presents the threat from Russian-language groups who build and use malware to steal from bank accounts as the number one cyber threat to the UK. While these so-called “banking Trojans” may mean large overall losses to UK banking institutions, the losses felt by the individual customers are sometimes absorbed by the banks. Because the financial impact is not always directly felt by the general public,this threat does not tend to be widely recognised. These groups, however, are still making considerable profits from their endeavours.

The internet is making crime easier than ever

Unsurprisingly, the report also highlights some of the ways that traditional organised crime and cybercrime are moving closer together in terms of the tactics and techniques they use. Techniques which involve the use of internet technologies have increasingly been adopted by groups wishing to preserve anonymity, evade regulation or keep out of reach of law-enforcement.

Encryption, the dark web and cryptocurrencies are now used across a wider range of criminal activities than ever before. In 2018, the NCA estimated that 2.88m new dark web accounts were registered to view or share indecent images of children. Similarly, cryptocurrencies are noted as being used to launder funds, although this remains lower than other methods.

Cybercrime on the rise

What is clear from the report is that cybercrime motivated by profit is now becoming a more professional and lucrative business than ever before. Criminals are gradually changing tactics to improve their profit margins and are exploiting a lack of basic cybersecurity, which would help to prevent a large portion of the attacks.

MDR Cyber works with businesses and individuals affected by cybercrime. We work with our lawyers to pursue the recovery of misappropriated funds and to disrupt criminal infrastructure through lawful takedowns. We also help our clients understand their key cyber risks, build incident response and recovery plans, and develop cyber security strategies to improve their chances of successfully thwarting attacks.

Keep reading

Event Sponsorship
The IFG continues to celebrate its 30th year in business this year and we are excited to announce our next Flagship Fraud Conference in London in November.
IFG London Flagship Fraud Conference – Thursday 21 November 2024. REGISTER NOW!
Join us for International Fraud Group’s flagship conference in London this autumn.  Engage with international lawyers, forensic accountants, investigators, restructuring and insolvency experts, crypto gurus and many others in the international asset recovery and fraud investigation space. With an exciting programme planned, we welcome two keynote speakers: Tyler Hodgson – International Team Lead at the
OffshoreAlert – Marbella – 19-21 June 2024
We are excited to that our sponsors Grant Thornton UK LLP, Kevin Hellard and Colin Diss are attending and sponsoring OffshoreAlert Marbella! Get ready to experience an unforgettable blend of business and pleasure at OffshoreAlert Marbella 2024! Set against the stunning backdrop of the Kempinski Hotel Bahía in Estepona, Spain, this premier event will take place from June 19-21. Join us to
‘Project Prevenirea și Perturbarea’ (Project Prevent & Disrupt (PSP)), Press Release, STOP THE TRAFFIK
With funding from the UK Home Office and British Embassy Bucharest, as well as the International Fraud Group, STOP THE TRAFFIK (STT) launches ‘Project Prevenirea și Perturbarea’ (Project Prevent & Disrupt (PSP)), a programme aiming to disrupt sexual exploitation between Romania and the UK. Right now, the Romania to UK route is heavily run by