“The criminals are geniuses, they are absolutely brilliant,” said one industry figure, from the wealth management financial sector. Source: ‘Cyber criminals steal millions via wealth managers’
This is the most deceptive of statements, a classic magician’s trick better known as misdirection. A form of deception in which the attention of an audience is focused on one thing in order to distract its attention from another. The distraction here is for a highly respected and intelligent group of people to be heralding the ‘brilliance‘ of criminals. In doing so they make the objective of attention the criminal, whilst the reality is the audience’s attention should be on the arrogance and ignorance of the Wealth Managers. This is not helped by the Banks that are no better in their way of leading by example! I made the case against the Banks shocking conduct in my earlier blog ‘Banks Continue to Foster online Fraud’.
A Wealth Management sector that so many hold in awe of their expertise and intelligence, trusting their hard earned and others ill-gotten gains to in blind trust. If the above quote is anything to go by, blind ignorance and a complete lack of proper due diligence would be more appropriate. As for the insurance companies who underwrite the professional indemnity of these ‘Wealth Mangers’ I would be calling in all cover papers and ramping up the premiums till these so called God’s of the market’s take on some basic education in the use of IT they place so much dependency on today. For that is all we are talking about, going back to school to learn how to use IT safely and securely. This is not a black art it is as simple as 1st grade arithmetic.
If the quoted individual above actually knew how simple it is to conduct a ‘man in the middle attack’, that is bread and butter to cyber criminals today, they would hang their head in shame. You don’t have to be an IT expert to be able to make use public Wi-Fi network’s or even security enabled ones with a bit more effort. Just watch one of the dozens of online videos that explains how, enter ‘How to Hack Wireless Networks’ in any search engine if you don’t believe me. The process that is heralded as ‘Brilliant’ equates in computer terms to nothing more than someone listening to a conversation that is conducted in public for ANYONE to hear. If you say anything out loud in a public forum EXPECT people to hear you! Back to Banks and their encouragement with the most embarrassing of security checks – email! You start to peel away the layers of obfuscation, and what are you left with, industry leaders underinvesting in an area of risk that is verging on negligence.
The worrying thing is that this is not unique, as this vertical sector of intellectuals, ‘Few companies weigh up cyber security risk’. As long as this continues and the belief is pedalled that there is some ‘Elite’ criminal class at work out there organisations will continue to wallow in their own ignorance at the expense of their customers and the insurance industry.
Unfortunately despite the continued parade of compromises and million pound failures due to cybercrime that the financial industry suffers the Insurance Industry which could drive some significant behavioural change seems to be happy to continue paying out for what is incompetence verging on professional negligence. I am sure that if you looked hard at any of your policies that professional negligence would exclude you from writing cheques for these playground mistakes? How about following through and insisting on education, demonstrable in the form of Certification for end users in certain market sectors proportional to risk? This is bread and butter for underwriters, a whole new market and line of business for any Insurance company, certification of users. On the one side you drive a revenue stream for the courses and certification, on the other you reduce your cover risk. Sounds like a no brainer ….. and whilst it will not stop the hacking, it will at least make sure the criminals earn the accolades of ‘brilliance’!
For now the majority of financial sector professionals remain on the metaphorical road driving recklessly WITHOUT A LICENSE ….