learn more
<https://castlehalldiligence.com>
shutterstock_490960141-1

Industry News: ESG5

Know Your Breach: The Florentine Banker

The target: Three large UK and Israeli-based Private Equity firms, among others, were targeted by an organized criminal enterprise dubbed ‘The Florentine Banker’ by security researchers.

The take: 1.1M GBP, transferred to fraudulent bank accounts – only half of which was able to be recovered.

The attack vector: The unnamed victims were targeted with a prolonged business e-mail compromise attack, where targeted phishing e-mails were sent to various employees, until eventually, attackers had access to multiple e-mail accounts. Over time, the attackers reviewed correspondence in these accounts to compile an overview of the structure of the firms, relationships with outside parties, and gained an understanding of the channels and procedures used to move money. From there, they added mailbox rules to redirect messages pertaining to wire transfers, and interjected themselves into those conversations using look-alike domains in order to intercept and redirect funds.

This story highlights the vital importance of compensatory controls and secondary validation steps around critical actions like transfer of cash (voice/video confirmation of the details of an e-mail request, for example). Furthermore, incidents like these serve to highlight the necessity of enabling (and enforcing) two-factor authentication on e-mail accounts and rigorous social engineering training and testing of staff to help prevent compromise. Ultimately, firms must nurture a culture of critical thought and encourage employees to question requests or actions which seem out-of-the-ordinary.

Read more...

Cybercrime Potential Rising with Virus Upheaval

2020-04-20

Pensions&Investments: The millions of Americans now working from home due to the COVID-19 pandemic presents an opportunity for bad actors looking to infiltrate individual retirement accounts, sources said.

Read more...

Zoom Users Top 300 Mln Despite Growing Ban List, Shares Hit Record

2020-04-22

Reuters: Zoom video conferencing app’s user base grew by another 50% to 300 million in the last three weeks, as the company fought to quell a backlash around security and safety that has seen a number of governments and firms ban its applications.

Read more...

SBA Says Data Breach Affected Nearly 8,000 Small Businesses

2020-04-22

American Banker: The agency has been informing applicants for its EIDL program by paper mail that it discovered the data breach on March 25. It said in its letter that it disabled the website, took steps to prevent the breach from happening again and is offering identity theft protection services to victims through ID Experts.

Read more...

Flaw in iPhone, iPads May Have Allowed Hackers to Steal Data for Years

2020-04-22

Reuters: The bug, which also exists on iPads, was discovered by ZecOps, a San Francisco-based mobile security forensics company, while it was investigating a sophisticated cyberattack against a client that took place in late 2019. Zuk Avraham, ZecOps’ chief executive, said he found evidence the vulnerability was exploited in at least six cybersecurity break-ins.

Read more...

Hackers Targeted Britain’s Virus Furlough Scheme Just Hours After it Went Live

2020-04-21

CNBC: Within minutes of the U.K. government’s furlough scheme going live, it was targeted by opportunistic hackers impersonating the country’s tax collection agency. 

Read more...

Cybersecurity Risks Set to Soar

2020-04-21

ETFExpress: The virus has debilitated regions, and decimated sectors with an unparalleled level of speed and ferocity. Its impact on companies and business models has been indiscriminate, hurting particularly those companies with weaker or under-developed digital underpinnings. Stronger players have had to shock themselves into emergency measures designed to prevent discontinuity. Companies have had to learn how to operate remotely, and virtually. And billions of people are now working from home and adjusting to virtual workplaces thanks to teleconferencing services like Zoom and Microsoft Teams. 

Read more...

“All in This Together”: How Hedge Funds are Tackling Cybersecurity Challenges in the Covid-19 Lockdown

2020-04-20

HedgeWeek: With the closure of non-essential workplaces during the Covid-19 pandemic shaking up the way financial services companies do business, the remote working environment is raising an assortment of operational challenges for hedge fund firms, spanning communication technology, data and information security, and infrastructure vulnerability. 

Read more...

Know Your Breach: Zoom

The target: Zoom, a popular videoconferencing service

The take: More than 500,000 username/password combinations, along with personal meeting URLs and HostKeys for active Zoom accounts were found currently for sale on the dark web.

The attack vector: Security researchers suspect that the list was not stolen from Zoom directly, but was rather compiled through ‘password stuffing’ attacks – where e-mail/password combinations from past breaches are tried against different sites and services. Attackers take previously breached username/password combinations and cycle through login attempts using the breached credentials – the successful combinations are compiled and sold.

This incident highlights a few key issues – namely, for individuals, the risks inherent in password re-use: this incident confirms that at least 500,000 active Zoom users are still re-using known compromised passwords, which attackers can use to gain control of their other accounts.

Institutionally, it highlights reputational issues – while this particular list of credentials was not exposed directly by Zoom, attackers are using the service’s popularity to market the list, and it gives the appearance of being yet another in a string of recent security incidents the videoconferencing service has had to answer for.

Read more...

Linksys Asks Users to Reset Passwords After Hackers Hijacked Home Routers Last Month

2020-04-16

ZDNet: Router vendor Linksys has locked user accounts on its Smart WiFi cloud service and is asking users to reset passwords after hackers have been observed hijacking accounts and changing router settings to redirect users to malware sites.

Read more...

North Korea Hacking Threatens U.S. and Global Financial System: U.S. Officials

2020-04-15

Reuters: U.S. government officials warned on April 15, 2020 about the threat of North Korean hackers, calling particular attention to banking and other financial services.

Read more...

Pru Warns Advisers of Email Scam

2020-04-14

Financial Times Adviser: In an email to advisers, sent last week (April 9), Prudential said it had been alerted to a number of emails which “at first glance” looked to be from a Prudential email account.

Read more...

Stay off Zoom and Google Hangouts, Standard Chartered Chief Tells Staff

2020-04-14

Reuters: Standard Chartered Plc (STAN.L) is the first major global bank to tell employees not to use Zoom Video Communications Inc (ZM.O) during the coronavirus pandemic due to cybersecurity concerns, according to a memo seen by Reuters.

Read more...

Ransomware Sets Sights on C-suite Executives – CyberCube

2020-04-14

Insurance Business: C-suite executives will increasingly be targeted as cyber criminals look for ways to extort money from large corporations, according to a new report from cyber analytics provider CyberCube.

Read more...

ACSC Called in on 427 Fed Govt Security Incidents Last Year

2020-04-14

IT News: A report on the ‘Commonwealth cyber security posture in 2019’ [pdf], released as Australia headed into the Easter weekend, provided a detailed breakdown of incidents that impacted Commonwealth (or federal) entities last calendar year, though it does not disclose which entities were victims.

Read more...

Cybercrime May Be the World's Third-Largest Economy by 2021

2020-04-13

Dark Reading: As organizations go digital, so does crime. Today, cybercrime is a massive business in its own right, and criminals everywhere are clamoring to get a piece of the action as companies and consumers invest trillions to stake their claim in the digital universe.

Read more...

Know Your Breach: GE

The target: General Electric, a Fortune 500 technology firm

The take: Personally identifiable information and documentation of current and former employees, as well as their beneficiaries – including direct deposit forms, driver’s licenses, passports, birth certificates, marriage certificates, child support orders, and many others.

The attack vector: While their own systems were not compromised, GE were notified by a service provider of a breach affecting their data. Canon Business Process Services reported that one of their employee’s email accounts was breached by an unauthorized party for a period of just under two weeks in February of this year. This employee had processed data on behalf of GE and the attackers gained access to a litany of confidential information.

Service provider relationships continue to pose increasing challenges for firms in today’s security landscape, as subcontracted entities may handle a firm’s sensitive data – be that business-critical data or the PII of their employees. A firm is ultimately responsible for their data regardless if they or a subcontractor are the ones handling it, and as such, a firm’s own security controls must follow that data and extend to third party processors.

Read more...

Zoom: We're Freezing All New Features to Sort Out Security and Privacy

2020-04-02

ZDNet: Elon Musk's SpaceX has banned employees from using video-conferencing app Zoom over "significant privacy and security concerns", according to a memo seen by Reuters.

In response to these concerns, Zoom has announced it is immediately freezing feature development for 90 days to improve security and privacy and will conduct a third-party security review. 

Read more...

Why All Employees Are Responsible for Company Cybersecurity

2020-04-01

Dark Reading: A recent lawsuit filed regarding the infamous 2017 Equifax data breach revealed that the company was using "admin" as a username and password to protect sensitive data from 147 million customers — even though this password has been exposed through data breaches almost 50,000 times, according to the Have I Been Pwned database.

Read more...

Axonius Nabs $58M for its Cybersecurity-focused Network Asset Management Platform

2020-03-31

Tech Crunch: As companies get to grips with a wider (and, lately, more enforced) model of remote working, a startup that provides a platform to help track and manage all the devices that are accessing networked services — an essential component of cybersecurity policy — has raised a large round of growth funding.

Read more...

Drawbridge Appoints Head of Europe

2020-03-31

Hedgeweek: Drawbridge Partners, a cybersecurity software and services firm specialising in the needs of hedge fund and private equity managers, has appointed Simon Eyre as Managing Director overseeing the European market.

Read more...

Why Third-Party Risk Management Has Never Been More Important

2020-03-31

Dark Reading: Over recent weeks, the ongoing spread of the COVID-19 coronavirus has forced companies around the country to make difficult decisions about how to protect their employees — as well as their communities as a whole.

Read more...

Marriott Says New Data Breach Affects 5.2 Million Guests

2020-03-31

CTV: Marriott says guests' names, loyalty account information and other personal details may have been accessed in the second major data breach to hit the company in less than two years.

Read more...

Ransomware Attack Hits FinTech Company Finastra

2020-03-30

CPO Magazine: The London-based fintech company, Finastra, which provides financial software to the global banking sector, has reported suffering a ransomware attack that prompted the company to shut down its servers and caused disruptions to its global operations.

Read more...