Twelve-fold increase in cyber crime incident reports to the FCA since 2017

Reported security incidents on financial services increase from 69 in 2017 to 819 in 2018 - with 93 outright cyber attacks

Cyber attacks on financial services firms increased 12-fold in 2018, with 819 incidents reported to the Financial Conduct Authority (FCA) in 2018 compared to 69 in 2017.

And banks were the most frequently targeted, accounting for more than half of the reports (486). This was followed by wholesale financial markets, with 115 reports, and retail investment firms with 53.

Furthermore, there were 93 outright cyber attacks on financial services in 2018, with half accounted for by phishing expeditions and 20 per cent attributed to attempted ransomware.

The figures were acquired by accountancy firm RSM under the Freedom of Information Act.

However, RSM cautioned that part of the reason for the big increase might be the raised awareness of IT security and breach reporting following the introduction of GDPR. The FCA has also pushed for greater IT security awareness in the financial services industry, and created cyber coordination groups across the industry to share information and spread best practice.

| Root cause | Number | Percentage |
|---|---|---|
| Third-party failure | 174 | 21% |
| Hardware or software | 157 | 19% |
| Change management | 146 | 18% |
| Cyber attack | 93 | 11% |
| TBC | 93 | 11% |
| Human error | 47 | 6% |
| Process or control failure | 45 | 5% |
| Capacity management | 25 | 3% |
| External factors | 17 | 2% |
| Theft | 11 | 1% |
| Root cause not found | 11 | 1% |
| Total | 819 | |

Intriguingly, perhaps, the figures indicate that third-party failure was the leading root cause of cyber incidents, according to the FCA, accounting for 174 reports or 21 per cent of the total. This was followed by hardware/software with 157 (19 per cent) and change management with 146 reports (18 per cent). Cyber attack was only the fourth root cause of incidents reported to the FCA.

"While the jump in cyber incidents among financial services firms looks alarming, it's likely that this is due in part to firms being more proactive in reporting incidents to the regulator. It also reflects the increased onus on security and data breach reporting following the GDPR and recent FCA requirements," said RSM technology risk assurance partner Steve Snaith.

| Sector | Number | Percentage |
|---|---|---|
| Retail banking | 486 | 59% |
| Wholesale financial markets | 115 | 14% |
| Retail investment | 53 | 6% |
| Retail lending | 52 | 6% |
| General insurance | 49 | 6% |
| Pensions and retirement | 35 | 4% |
| Investment management | 29 | 4% |
| Total | 819 | |

Failure to immediately report a suspected cyber attack to the FCA could expose a firm to sanctions and penalties from the FCA. Even so, Snaith believes that under-reporting remains rife.

"The figures also underline the importance of organisations obtaining third party assurance of their partners' cyber controls. Moreover, the continued high proportion of successful phishing attacks highlights the need to continue to drive cyber risk awareness among staff," said Snaith, who also highlighted the risks posed by inadequate change management processes.

"Overall, there remain serious vulnerabilities across some financial services businesses when it comes to the effectiveness of their cyber controls. More needs to be done to embed a cyber resilient culture and ensure effective incident reporting processes are in place," added Snaith.