Austrian airplane component manufacturer FACC AG isn’t having a great month. According to CSO Online, the company’s newly released 2015 third-quarter results report spelled out a recent cyberattack on the accounting department of its FACC Operations unit. This is no small theft: Criminals flew the coop with more than $50 million in liquid funds.
While FACC AG said the loss does not pose an economic threat to ongoing company operation, it’s a wake-up call for other enterprises: Large-scale cybercrime is off the ground and gaining altitude. Is it possible to avoid financial free fall?
Cybercrime Goes Up, Up and Away
While FACC AG hasn’t been forthcoming with the details of the breach, it has assured investors that IT infrastructure, data security and intellectual property rights all remain secure. Speculation about the outflow of significant assets suggested the use of fraudulent wire transfers — once completed, it’s almost impossible to reclaim money even if criminal intent is proven. With criminals developing new email compromise and login theft techniques, these transactions often appear legitimate long enough to fool financial professionals.
As noted by Live Mint, fraud-based cybercrime is rising worldwide. A recent Ernst & Young report found that cybercrime is the fastest-growing fraud risk in India, while Data Quest predicted that mobile cyber fraud will become a serious problem for businesses across the country in 2016. In other words, although FACC AG’s loss is noteworthy owing to its size, this type of cyberattack is quickly becoming commonplace.
On Solid Ground
So how do companies mitigate the threat of cyber fraud losses, especially when attackers are so good at getting in, stealing cash and escaping notice? One option is beefing up internal security controls, hiring more IT security staff and piling on cybercrime budgets to help track down possible fraud indicators. Here, the biggest motivator is fear: Companies don’t want the public or competitors to know they’ve been hit, how much they’ve lost or if their systems contain potential vulnerabilities.
There might be a better way. In Canada, top industry leaders have created a new network — the Canadian Cyber Threat Exchange (CCTX) — set to launch in the next few months, according to the CBC. This independent, nonprofit organization will act as a “clearing house” for companies to report cyberattack vectors, malware types and even cybersecurity responses. Ideally, the exchange should help all CCTX members become better prepared and better equipped to handle emerging cybercrime threats.
Bottom line? No company wants to admit it has lost millions to fraud thanks to an IT breach. What if competitors take advantage or consumers abandon ship? But this kind of thinking is like grabbing your luggage when the plane is going down; no one walks away if the aircraft hits the ground. Data shared offers the chance for money saved. If companies want out of the cybercrime free fall, it’s time to be forthright.