Kroll Report Finds Fraud, Cyber-Attacks Increased in 2016

The Kroll Global Fraud and Risk Report for 2016 shows that cyber-fraud incidents increased during 2016, though not all the news was bad.

According to the Kroll Global Fraud and Risk Report, fraud has been increasing steadily since 2012. For 2016, 82 percent of survey respondents reported experiencing fraud, up from 75 percent in 2015.

The majority (87 percent) of respondents indicated that fraud losses represented less than 3 percent of revenues in 2016. However, 3 percent of respondents noted that fraud losses represented 7 percent to 10 percent of revenue.

While ransomware has been cited by multiple other 2016 security reports as a growing trend, the Kroll report found that only 13 percent of respondents suffered a ransomware attack in 2016. In contrast, 33 percent identified “virus/worm infestation” as a cyber-incident they experienced in the past 12 months.

Cyber-attacks can be enabled by many different factors and events. The leading reason cited by the Kroll report was software vulnerabilities (26 percent).

For those companies reporting being the victim of a cyber-attack or information loss incident in 2016, employees were identified as primary perpetrators. Ex-employees were identified as the main cause by 20 percent of respondents, while 14 percent cited freelance or temporary employees as being the perpetrators of a cyber-event.

The Kroll report is a global study, with many of the statistics for the United States almost mirroring worldwide numbers. One area that differs, however, is the entity most commonly contacted following a cyber-incident. In the United States, 43 percent of respondents said they would contact an IT service vendor, while the global number is only 27 percent.

Though fraud is on the rise, the report has some positive findings, including the fact that 80 percent of respondents have developed and implemented security policies and procedures at their organizations.