Stealing Company Funds is Top White Collar Crime in Australia
Stealing company money is the top white collar crime in Australian companies, a PricewaterhouseCoopers (PWC) survey released on Thursday said. Almost 50 per cent of Aussie firms reported at least one incident of white collar crime in the past 12 months.
At least 16 per cent of the companies surveyed reported losses of over $5 million due to the corporate crimes. The survey said the second top white collar crime in the country is cybercrime which accounted for one third of reported incidents.
It was followed by bribery and corruption, accounting fraud, money laundering and intellectual property infringement. The incidents in Australia of the white collar crime rankings reflected global trends.
Malcolm Shackell, PWC partner, said that asset misappropriation took various forms such as asset disposal, fraudulent invoicing and employee expense fraud which often occur daily. However, because of heavier reliance on technology, such kinds of asset misappropriation practices are changing in the form of new cybercrimes. These include distribution of viruses, illegal download of files and theft of personal information such as bank accounts.
Cybercrimes in Australia comprise 30 per cent of all white collar crimes committed, higher than the 23 per cent globally and 22 per cent in Asia-Pacific.
"Cybercrime is the biggest growing threat to business and no longer just the domain of the serious hacker. It's low-cost, high-rewards and anonymity has a broad appeal," Mr Shackell explained.
The report said the typical Australian white collar criminal is a male middle management staff employed by the company for three to five years.
The increase in cybercrimes is because of the lack of preparedness by companies to deal with the increased risk. More than half of the companies surveyed admitted it does not have in-house capability to prevent or detect cybercrimes. Twenty per cent of senior company executives did not review cybercrime risks and only did it on an ad hoc basis. This viewpoint is because of a belief that cyber security is a responsibility of the company IT department.
PWC Director and cybercrime expert Richard Bergman pointed out that attackers are often very persistent and look for company weakness and then exploit it. He disclosed that email addresses and passwords were the most frequent targets of cybercriminals because of the valuable information that could be mined from these. He said an email address and password cost $35 on the black market, while credit card details cost $25.
The finding of the PWC report was confirmed by the talk of Pure Hacking Chief Technology Officer Ty Miller at the inaugural Cybercrime Symposium on Thursday. Mr Miller disclosed that there was a tripling of data attacks on Australian business for the first two months of 2012. He warned such incidents would continue to rise.
Mr Miller said the growing success of hackers could be attributed to the download in the thousands of hack tools over a short period of time. He said Pure Hacking, a leading specialist information security consultancy in Australia, will soon release a new range of offerings to provide better protection and manage information security.
"The same actions and risk management procedures must be undertaken for any successful penetration into a corporate network, often resulting in a significant budget impact to IT departments and risk management procedures and solutions. Based on our experience with clients already this year, it is imperative that elements of information security has now moved into the necessary rather than optional category. This particularly applies to any Web Application Firewall device," Mr Miller said.