Cyber-fraud More Than Just a Cost of Doing Business—It May Be Deadly Business

Ara Trembly
Insurance Experts' Forum, November 30, 2009

While most of us will never hear about it, security experts have been telling us for years that some banks and other large companies have been quietly paying protection money to criminal syndicates who would otherwise bring down or seriously compromise their computer systems.  The victimized institutions have apparently accepted such extortion as a given, and are looking at it as just another cost of doing business. 

But can any insurer, broker or other company really afford to be so cavalier about what is happening, even if we’re not talking about extortion? According to former prosecutor and FBI agent Chris Swecker, the answer is clearly no. Swecker, who is the founder of Chris Swecker Enterprises, pointed out in a recent interview with me that, “The potential to commit fraud is magnified on the Internet,” adding that cyber crime is a low-risk and profitable undertaking.  “Law enforcement authorities aren’t likely to arrest some guy in Romania who is part of a hacking syndicate,” he said. 

Obviously, fraud is a huge concern for insurers, which is why they devote so many resources and so much money to preventing it. Yet many insurers acknowledge that below a certain dollar threshold, they don’t find it profitable to pursue fraudulent activity. The dollar amount undoubtedly varies from insurer to insurer, but I have been told that carriers generally set the limit between $3,000 and $5,000. Any losses that come about as a result of fraud that nets a lesser amount are routinely ignored, and written off as a cost of doing business. 

That sounds like good business, but it fails to acknowledge that a man (or a company) may just as easily die from 1,000 cuts as from a single mortal wound. Swecker noted that, “Terrorist financing and criminal actions (like fraud) often intersect.” He said that much of the funding for terrorist activity worldwide comes from the proceeds of such activity. 

“Fraud funds terrorists,” he explained.  “They perpetrate banking or credit card fraud, then use the proceeds to turn around and hurt us again.” In some cases, he noted, terrorists will hire hackers to commit such crimes in order to fatten their own nefarious coffers. 

That really puts a whole new light on the idea of allowing smaller crimes to continue, doesn’t it? Certainly, banking or credit card transactions are an important part of what takes place in the insurance industry, and if it were just a matter of focusing on bigger fish, I would have no problem with that approach. If, on the other hand, cyber-criminals are perpetrating many “small” frauds, then turning around and using the accumulated funds to endanger American lives both here and abroad, I have a huge problem with that. 

What can we do? Swecker suggested that modern fraud sniffing software can help detect patterns of network-based fraud activity that originates in places like Russia, Egypt and Romania. Such software employs aggressive analytics along with a case management system that seeks to manage workflow and to raise red flags. 

Will insurers and others have to spend more money to do this? Absolutely. Then again, what is it worth to your organization to thwart a well-planned series of “small” events that could end up hurting the company overall and—more important—might well cost American lives? 

No one can require us to raise our level of vigilance to this level. But can we afford not to? 

Ara C. Trembly ( is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at

The opinions posted in this blog do not necessarily reflect those of Insurance Networking News or SourceMedia.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

It’s Okay to Take a Breather from the Technology Maelstrom

Even in technology, good things may take time.

Customers for Life

Insurers once had a monopoly on lifetime customers, but technology has changed the game.

Smarter Tablet Use Could Transform Insurance

By reducing administrative tasks and automating paperwork, tablets can increase agentsí selling time and help them respond to customers in seconds, not hours.

Insurance Wake-Up Call: Embrace the Shared Economy Opportunities

SMA believes that insurers must embrace a "shared economy," crowdsourcing and open innovation to get ahead in the new marketplace.

The Lion and the Mouse: Start-ups Pitch to Top Insurer

Insurers should be on the lookout for innovative partnership arrangements that produce unique and valuable solutions.

Silicon Valley Ventures

A trip to area hotbed of technological innovation calls into question the potential viability of insurers' legacy systems, operations and processes.