When Business Bank Accounts Are Hacked: Try Mediation Instead Of Going To Court

By Author: Amicus Mediation & Arbitration Group, Inc. provides Alternative Dispute Resolution (ADR) services to
Total Articles: 4
Comment this article

Many banks and companies do not fully understand this threat (also called “corporate account takeover”) and are unprepared. When hit with financial losses, companies may sue their banks. Courts are beginning to question bank security procedures, creating an impetus for these cases to settle. Taking these cases to trial is very time-consuming and expensive; companies that get their money back sometimes spend more in attorney fees and court costs than they lost. Mediation using a subject matter expert is a much better alternative because it is faster, cheaper, confidential, and flexible.

The Cyber Threat To Business Bank Accounts Is Real And Growing

We are learning more about the cyber threat to businesses because more companies are willing to talk about what happened to them. The New York Times states that some victims of online hacking are breaking the silence that usually surrounds a cybersecurity incident; hackers have hit thousands of American corporations in the last few years, including Twitter, Google, Facebook, Intel, Adobe Systems, and Apple, but few companies ever publicly admit it. [2] A security ...
... consultant said, “I divide up the entire set of Fortune 2000 firms into two categories: those that know they’ve been compromised and those that don’t yet know.”[3] The Washington Post reports that more companies are disclosing cybersecurity incidents in reports required by the Security Exchange Commission. At least 19 financial firms have been recent targets, including Bank of America, Citi, Wells Fargo, and JPMorgan Chase.[4] Security experts say the real scale of companies affected by cybersecurity incidents is much larger.[5] A review of recent media reports shows the extent of the cyber threat specifically to business bank accounts:[6]

The New York Times reports that, according to computer security specialists, corporate account takeovers have become “increasingly common and small businesses are especially easy prey because many lack firewalls and monitoring systems.”[7] Statistics on the extent of the thefts have not been compiled by regulators, but experts estimate that more than 10 percent of small businesses have had funds stolen from their bank accounts—losses totaling more than $2 billion.[8]
According to the Wall Street Journal, bank robberies are on the decline as criminals see greater rewards in online theft.[9]
The Krebs on Security website writes about how a “distributed denial of service,” or flooding cyber attack, on a bank provided cover for the cyber theft of $900,000. A 2012 Christmas Eve attack against the website of a regional California financial institution helped to distract bank officials from an online corporate account takeover against one of its clients.[10] The website also reports that cyber thieves are targeting small businesses.[11] A $170,000 cyber heist in December 2012 against an Illinois nursing home, for example, starkly illustrates how cyber criminals can hack a business’ computers to exploit security weaknesses at small and regional banks and credit unions. Cyber attacks on small businesses are increasing: late 2012 data suggest that cyber attacks aimed at small businesses doubled over the previous six months.[12]
A leading cybersecurity firm finds a threatened cyber attack on banks “credible” and that at least 500 accounts are vulnerable after early attacks planted software that could help thieves steal money.[13]
• An independent blogger writes that the threat of cyber theft from our nation’s banks is growing and that we are all suffering from the mistaken idea that our money is safe after we put it in a bank.[14]
A former senior cyber official at the FBI said of the effort to prevent cyber theft from businesses: “We are not winning.”[15] He said too many companies, from major multinationals to small start-ups, fail to recognize the financial and legal risks they are taking—or the costs they may have already suffered unknowingly—by operating vulnerable networks.[16] He stated, “I don’t see how we ever come out of this without changes in technology or changes in behavior, because with the status quo, it’s an unsustainable model. Unsustainable in that you never get ahead, never become secure, never have a reasonable expectation of privacy or security.”[17] A senior cybersecurity fellow at a leading institution was blunter: he said we have lost the opening battle with hackers and he did not believe there was a single secure, unclassified computer network in the United States.[18]