Cyber criminals prey on all kinds of businesses for monetary gain, yet the sheer volume of funds in play within the Asset and Wealth Management sector (AWM) makes it a prime target for the most sophisticated attacks. The rapid growth of FinTech has massively expanded the number of potential avenues for criminal activity, and the level of connectivity between different financial entities has created new opportunities for criminal operations to embed themselves within networks, making it increasingly difficult to identify and defend against malicious threats. There are three main types of threat relevant to the AWM sector: ransomware, denial of service, and business email compromise attacks.
Ransomware is a form of malware that, if it gains entry into a system, will encrypt files – and the victim is usually then instructed to make a payment to recover their data. The threat of ransomware came to public prominence with high profile incidents such as the DoppelPaymer attacks, and Maze - a particularly sophisticated strain of Windows ransomware that has seen numerous large companies facing ransom demands in exchange for the recovery of encrypted data. This type of threat is particularly dangerous for AWM firms because any data security breach can also have serious implications for a firm’s regulatory compliance.
A denial-of-service (DoS) attack is a type of cyber threat in which a malicious agent aims to render a computer or entire system unavailable for its intended use – typically by flooding and overwhelming the targeted system with requests until normal traffic is unable to be processed, resulting in denial-of-service to genuine users. A DoS attack can be orchestrated and launched by a single criminal acting alone through a single computer, and such attacks have proved very effective in soliciting ransom payments from victims. Although the authorities warn against making payments to cyber criminals, it’s clear that many have done so in order to avoid potentially greater losses resulting from system lock-out.
Business Email Compromise (BEC) attacks
A BEC attack starts with the cyber criminal hacking an email account in order to impersonate a genuine individual – potentially a vendor, an investor or a senior executive. Once they have established their new identity, the criminal will usually make a request for a payment or transfer of funds. Incidents of this type have grown geometrically over the past 5 years, and given the size of rewards available, it’s perhaps no surprise. In May 2020, a Norwegian investment funds was relieved of $10 million USD by a sophisticated BEC attack in which the criminals spent significant time studying their victim’s operations in order to establish unquestioned credibility. It’s this level of sophistication that makes BEC attacks so difficult to defend against.
Combating the threat
Maintaining robust defences against a growing barrage of threats is now seen as another cost of doing business in the AWM sector. And investment in cyber security is now a vital component of tech strategy, spanning cyber security and resilience training for personnel, business-as-usual software security, and the ongoing evaluation of an organisation’s ability to maintain control and continue operations in the event of an attack.
Our close ties with leading employers and professional bodies provide us with a unique view of developments across a variety of industries. Through regular e-newsletters, we are able to share these insights with our clients and candidates, providing valuable news and information about their specific sectors.