.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
BNN Bloomberg: A Russian who admitted carrying out one of the largest known cyberattacks against a U.S. bank is a “brazen and prolific” hacker who should serve as long as almost two decades in prison, U.S. prosecutors told a federal judge in advance of his sentencing.
FINRA: FINRA warns member firms of an ongoing phishing campaign that involves fraudulent emails that include the domain “@invest-finra.org”. FINRA recommends that anyone who clicked on any link or image in the email immediately notify the appropriate individuals in their firm of the incident.
Reuters: Cybersecurity could be one of the key post-pandemic investment themes in an equity-friendly world of low interest rates and vaccine-led recovery, LGIM CIO Sonja Laud said.
The target: Levitas, an Australian based hedge fund manager.
The take: $8 million
The attack vector: The attack was initiated when one of the founders clicked on a fake Zoom meeting link. This gave the attackers the ability to inject their own malicious software to take control of the high level email account, and with these powerful credentials in hand, the attackers created fake invoices for a bogus company and then sent requests for payments to be made from the firm. Authorizations from the compromised email account were sent shortly after the requests, prompting the transference of funds to the unknown companies. The threat actors then withdrew the cash.
This breach demonstrates the critical nature of verification processes, and the inherent power of high level credentials and their management. There were several flags raised along throughout the scheme and this attack shows just how important it is to review, verify, and certify transactional processes no matter to origin within a firm.
Investor Daily: The prudential regulator has unveiled its cyber-security strategy for 2020-24, which seeks to lift security standards and introduce higher accountability where companies fail to meet their requirements.
Bleeping Computer: British cybersecurity and hardware company Sophos has emailed a small group of customers to alert them that their personal information was exposed following a security breach discovered.
Axios: The incoming administration will face a slew of cybersecurity-related challenges, as Joe Biden takes office under a very different environment than existed when he was last in the White House as vice president.
Forbes: Companies often separate cybersecurity and data protection by forming two independent teams and buying different software to address each of these issues apart. Maintaining and managing two teams, together with two software sets, involves high IT costs and administrative expenses.
BNN Bloomberg: Big banks and other financial firms predict the cost of warding off cyber criminals will keep climbing in 2021 as they work to secure digital financial services popularized by the pandemic.
CBA: Despite a growing understanding that cyber security is essential in a digital era, some Canadians still need help in getting the message that simple steps can make a big difference in protecting personal information from cyber criminals.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy