Almost all cyber crime is financially motivated and insurance is a major target, according to a report by the Australian Institute of Criminology.

Yet the report by a senior research analyst at the Institute, Raymond Choo, finds a lack of understanding about the magnitude of cyber crime.

He says the financial services and insurance industries’ size and increasing dependence on IT exposes them to a wide spectrum of financially motivated cyber-criminal activities.

“Rapid changes in technology mean we are still yet to uncover the true extent of cyber crimes committed against businesses,” he told insuranceNEWS.com.au.

Dr Choo’s analysis found finance and insurance businesses are most likely to be targeted by malicious software – usually referred to as malware – but a significant proportion of security vulnerabilities can be mitigated with good security practices.

These include patching, minimising administrative privileges and using “white-listing”, or approved access, to prevent unapproved applications from running.

Dr Choo says managers need to stay abreast of trends in cyber crime and keep anti-virus systems updated regularly.

Businesses that do not patch their systems immediately are at risk, as cyber crime is moving more quickly. Criminals can now target vulnerabilities that are not publicly known, or on the day a problem is made public and before a business can protect itself.

Another emerging trend is the targeting of top executives and high net worth individuals, known as “spear phishing”, to get into corporate online banking systems and networks.

This is done by sending messages that appear to come from legitimate organisations such as banks and insurance services asking victims to disclose personal financial information.