Growing cybercrime menace hits unwary firms
Swiss companies are slowly waking up to the realisation that their businesses could be dramatically affected by cyber fraudsters, according to a survey.
Cybercrime ranked as the second biggest threat of fraudulent activity for Swiss firms this year and is forecast to be the biggest security problem they face in the next 12 months.
While Switzerland is no more exposed to corporate criminal attacks over the internet than any other comparable country, it is particularly sensitive given the strength of the financial industry and the banking secrecy laws that surround the sector.
A corporate crime survey by accountancy and auditing firm PricewaterhouseCoopers (PwC), published on Tuesday, found that 18 per cent of Swiss firms were the victim of some sort of fraud this year. Cybercrime was ranked as second most common type of activity, making up a fifth of reported cases.
More than a third of the 140 companies surveyed believed that cybercrime would overtake asset misappropriation as the most common corporate crime next year.
Poor controls
However the technical and evolving nature of internet-based fraud, such as hacking and phishing, has left many senior managers befuddled and has hampered efforts by firms to implement effective controls.
“Awareness of cybercrime is increasing, but effective controls to combat the problem are lagging far behind,” PwC head of forensics Gianfranco Mautone told swissinfo.ch. One in every five cyber attacks is detected by pure chance or the intervention of external policing, the report found.
Swiss managers appear to have lagged behind their foreign counterparts in their awareness of cybercrime. The PwC survey found that half of Swiss firms saw an increased threat this year compared to 39 per cent of companies in other countries.
And too many companies only shut the stable door after the horse had bolted. While not classified as a cybercrime, the theft of CDs containing banking data in the last few years serves as an example of how easy it can be to get around static security controls.
“It was not until the CDs started to be sold in other countries that the banks started to really contemplate the problem,” Mautone said. “Sometimes it needs a major incident to make things happen.”
Innovation theft
The cyber attacks on the New York Stock Exchange, that forced the bourse to temporarily shut down last month, should serve as ample warning about the danger of such crime, Mautone added.
But it is not just financial giants that are at risk from internet scams, the PwC report warned. Switzerland’s myriad of small and medium-sized enterprises (SMEs) could just as easily find themselves compromised by a determined hacker.
“The lifeblood of many of these companies is innovative designs that give their product a competitive advantage,” said Mautone. “Losing these secrets could spell disaster for any SME.”
Cybercrime does not just affect businesses, with scammers also targeting individuals. Between 6,000 and 7,500 cases of internet crime are reported to the authorities every year, according to official statistics.
Most of the cases involve pornography, but the Swiss Coordination Unit for Cybercrime Control also received 370 reports of economic crime, such as hacking bank accounts, last year (up from 254 in 2009).
Strong measures
Cybercrime of all varieties cost victims in Switzerland some SFr924 million ($1 billion) in 2010, according to a September report by security software company Symantec.
In an effort to combat the growing threat, the Swiss authorities have brought in new laws that will come into force from the start of next year.
The new laws will speed up the exchange of information with other countries, introduce tougher penalties for hacking and set up a new 24/7 police hotline to report suspicious activities.
The changes will make it possible for Switzerland to achieve its goal of signing up to the European Council’s convention on cybercrime.
But not all measures aimed at tackling cybercrime have been welcomed. Government plans to introduce surveillance on postal and telecommunications services have been criticised as a step towards a “big brother” state.
While the surveillance would be designed to catch perpetrators of human trafficking and paedophilia, watchdog groups have complained the measures could infringe privacy rights.
The PwC 2011 report on white collar crime this year highlighted the growing problem of cybercrime, particularly in Switzerland.
Of the 3,877 companies from 78 countries that responded to the global survey, 140 firms were from Switzerland.
18% of Swiss firms said they were the victims of economic crime this year compared to a global average of 34%.
Cybercrime affected nearly one in four global companies, according to the report – and one in five in Switzerland.
Cybercrime was the second most prevalent injury suffered by Swiss firms, while globally it was listed as one of the top four threats.
Reputational damage was listed as the biggest fear by most companies (39% of those surveyed).
More than half of Swiss firms believed that cybercrime was a bigger threat now than it was a year ago – compared with 39% of global companies.
But less than a third of Swiss enterprises conduct annual reviews of the threat while 11% said reviews were totally unnecessary. Some 41% of companies fail to arrange cybercrime training for their staff.
A third of Swiss companies surveyed believed cybercrime would be the biggest criminal threat to their organisation in the next 12 months.
In compliance with the JTI standards
More: SWI swissinfo.ch certified by the Journalism Trust Initiative
You can find an overview of ongoing debates with our journalists here. Please join us!
If you want to start a conversation about a topic raised in this article or want to report factual errors, email us at english@swissinfo.ch.