Firms in the alternative investment space have long confronted distinctive security challenges. After all, if you’ve successfully earned the trust of high-net-worth individuals and institutional investors, someone who breaches your IT environment will gain access to treasure troves of sensitive data and information about significant pools of capital—exactly what it takes to attract the eye of criminals seeking the quickest path to financial gain.
It’s no surprise that, according to Boston Consulting Group, financial services firms are 300 times more likely to be targeted in cyberattacks than companies in other industries, and those attacks are more costly to their victims than attacks in any other sector.
As we embark upon a new year and the start of a new decade, wealth managers face a critical imperative: they must adopt a strategic, risk management-based approach to the cybersecurity threats they now face. As attackers continue to grow more resourceful and sophisticated, this is the only way to protect a firm’s investors—and with them, its reputation.
Here are five key cybersecurity trends we’re seeing in the financial services sector today, and what they mean for the year to come:
#1: Phishing attempts are better targeted, succeed more often, and are more lucrative when they do.
Phishing attacks, which played a role in nearly a third of the data breaches that occurred last year, continue to generate increasing amounts of revenue for criminals. Global exposed losses due to this type of activity increased by 136% between December 2016 and May 2019 according to FBI reports.
Email impersonation attempts are more convincing and better targeted, and they remain difficult for today’s email security gateways to detect. Some criminals take over legitimate email accounts to exploit friends and business associates of their victims, while others send individual messages that are so carefully crafted that it’s near-impossible to distinguish them from legitimate communications.
#2: Criminals are getting up close and personal with their targets
As criminal organizations increasingly turn to automated tools to scan social media platforms and the wider Internet for personal information about potential victims, they’re getting better and better at socially engineering attacks. If, for instance, the son of one of your firm’s leading employees posts a series of family vacation photos on Instagram, criminals can now readily deduce that your employee is away from the office—and use that information to guide the timing of a spear phishing attempt.
Not only should financial services firms be mindful of the information about the company that their employees are making publicly available on social media, but they should exercise care in revealing information about their personal lives that could be exploited in a cyberattack. An executive or well-reputed employee known to be in the hedge fund or private equity sector makes an exceptionally attractive target.
#3: Nation-state level attacks are increasing in prevalence.
Not only have state-sponsored cyberattacks become more sophisticated, but they’re now targeting an increasing number of verticals. No longer motivated solely by the aim of gaining military or competitive intelligence, nation-state level attackers are now also seeking to disrupt business operations by targeting critical infrastructures, essential technologies, and the financial sector.
Because they’re well-resourced and highly professional, these attackers will easily be able to evade the majority of security controls in your environment. And because they operate at all times of day and night—or whenever their research shows they’re most likely to be successful—24/7 monitoring is now a must-have. Building a round-the-clock security operations center (SOC)—or engaging with a managed service provider with SOC capabilities—so that you can develop rapid incident response capabilities is essential for reducing your risks in this threat landscape.
#4: Attackers are sharing and selling information more regularly.
Because the Dark Web isn’t indexed by standard search engines, and because its content is encrypted, it’s challenging to determine the exact volume of activity, whether legal or illicit, that takes place there. Nonetheless, marketplaces for stolen personal and financial data have proliferated since cryptocurrencies such as Bitcoin have come into more widespread use in the past few years. It’s easier, too, for would-be cybercriminals to purchase exploit kits so that they can launch ransomware attacks even if they don’t have enough technical know-how to develop their own malicious software.
As cybercriminals have become more willing and able to exchange information about potential victims and systems’ vulnerabilities, it is incumbent upon all of us to take a more collaborative approach to building our defenses. This includes sharing threat intelligence. It’s particularly valuable for smaller hedge funds and private equity firms to keep track of the types of attacks that major banks and larger firms are seeing, since similar tactics may be used against them in the near future.
#5: Regulatory bodies are driving stricter controls, while investors demand more transparency.
The global regulatory landscape is growing in complexity, and firms are expected to deploy more sophisticated security controls, to better document procedures, and provide more detailed and granular reporting. For hedge funds and private equity firms, this means that what was once the sole responsibility of the IT department has become a priority for legal and financial decision-makers as well. Accordingly, cybersecurity concerns are being given more attention and better funding.
Investors are increasingly likely to scrutinize funds’ security practices closely when making final decisions about where to invest. Not only can a breach result in immediate losses, but it can damage a firm’s reputation to the extent that its portfolio value will be diminished.
Want to learn more about how to develop cyber resilience and a solid risk management strategy for your hedge fund or private equity firm? Contact us for more details about our cybersecurity solutions and services.