Cyber security and fraud risks

Cyber attacks and fraud will continue to increase as emerging technologies like artificial intelligence (AI) grow in scope and become more accessible. The 2023 BDO Global Risk Landscape Report shows cyber attacks and fraud were ranked as one of the top three combinations of risk multipliers posing a threat to organisations worldwide.

AI as a weapon

Disruptive technology is amplifying cyber and fraud risks faced by companies globally and we’re starting to see this trickle into the local market. The National Cyber Security Centre’s 2022-2023 Cyber Threat Report revealed there were record-high levels of financially-motivated cyber activity in 2022-2023, with cyber criminals adopting new techniques and technologies to challenge orthodox detection methods.

Generative AI is one of the biggest risks for organisations to take note of. While AI presents countless opportunities for businesses, it can also be exploited. Examples include the use of AI to produce derivative malware that evades detection software, or simply using AI applications to launch cyber attacks. Criminals can also use AI to steal or manipulate data to commit credit card fraud and identify theft.

Organisations making use of AI and other disruptive technologies to advance their operations must be aware of the risks posed by these technologies, including phishing and hacking internal systems. A fine balance must therefore be struck between utilising AI and having it used against you.

Cash theft and financial crime

Investment scams are one of the leading instances of financial crime throughout the country, often involving vulnerable victims lured in by promises of high financial returns. These schemes are becoming more sophisticated and harder to spot; as Kiwis look for ways to make their money go further in the current economic conditions, they must also be on heightened alert for scams and scenarios that sound too good to be true.

Cryptocurrencies remain one to watch, adding a new dimension to financial crime. The anonymity offered by these digital assets can be harnessed by fraudsters and money launderers, making it important for regulatory bodies to quickly establish regulatory oversight in this space. Regulating digital and decentralised organisations is extremely challenging, and the Reserve Bank of New Zealand has expressed concerns about several risk factors, including the challenges that some crypto assets pose for managing money laundering and preventing cyber risks.

Cascading risk from cyber crime

The impacts of fraud and cyber crime can be extremely wide-ranging, including the obvious financial damage and business interruptions posed by phishing, hacking, ransomware attacks, and internet fraud. Reputational damage is a significant risk which can be triggered by these types of events, particularly in the case of data leaks and insecure systems which compromise customer or supplier data. Sensitive ESG-related information can be vulnerable to data breaches and other fraud, which can have an enormous knock-on effect when it comes to reputational damage.