Bank of America cyber crime specialist talks hacker prevention amid COVID-19 scams

Cyber crimes aren’t new to businesses, but hackers are taking advantage of the disruption of the COVID-19 pandemic and protests to make businesses more vulnerable, according to the senior vice president of Global Information Security at Bank of America. 

“What we’re seeing around coronavirus… we’re seeing a lot of the same methods and a lot of the same techniques being used, they’re just being used as a target for the COVID-19 virus,” said Lynn Martin in a Wisconsin Manufacturers & Commerce webinar. “There’s no good pandemic that goes unexploited.”

She noted over 2,500 incidents of new malware that have been released and spread around COVID-19 emails alone, the same type of phishing attacks that people have seen “for years” only now they’re focused on COVID-19. 

The annual cost of cyber crime expected by 2021 is $6 trillion dollars, said Martin. And the average weekly salary for cyber criminals is up to $10,000 a week.

“As you can see, it’s pretty lucrative to sit at home and hack on your computer. You don’t need many tools. You just need a computer and the knowledge of how to do these things,” she said. “And 54 percent of companies claim that they don’t know that they are able to reduce cyber risk due to employee negligence.” 

Martin noted more than 80 percent of all threats, compromises and attacks are caused by insiders are non-malicious, because it was due to a mistake — someone clicked on a link or opened a document that they shouldn’t have.  

Bank of America’s team of 2,500 cyber professionals spent more than $800 million in cyber security in 2019 and projects to spend about the same in 2020 to combat losses around malware or ransomware — the tools that hackers use to take over computers and get personal data. 

Email compromise is the number one fraud sector used to commit fraud against companies today, said Martin. It had a 16.7 percent increase from 2018 to 2019 — and will continue to increase in 2020. 

And 90 percent of phishing incidents are caused by human error.

“It’s absolutely critical that people be trained and tested on a regular basis,” said Martin. “Just be hypervigilant. It’s an extremely sensitive and fragile time in our country, and you just need to be even more vigilant than you have in the past around not opening attachments or emails of that nature and the people in your company need to do the same.”

-By Stephanie Hoff

WisBusiness.com