.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
The target: Imperva, cyber-security firm based out of California.
The take: A complete copy of their customer information database.
The attack vector: Imperva uploaded a snapshot of its customer database for testing. However, in an unrelated incident, they left one of their internal systems publicly accessible on the internet from which the attacker stole key to the recently uploaded database. Using the key, the hacker was able to download a copy of the customer information.
After Imperva adopted cloud technologies to scale their infrastructure to meet increasing needs, they failed to account for the increased risk of this strategy. Cyber-security diligence applies at all levels of scale including times of expansion and investment in new technology.
The Guardian: Thousands of reports of cybercrime were quarantined on a police database instead of being investigated because software designed to protect the computer system labelled them a security risk.
Cision: A pan European survey of almost 600 successful businesses* has revealed that 61% of business leaders on the board of their company believe that in the war against cybercrime the hackers are more sophisticated than the software developers.
Institutional Investor: Hackers breached the official email accounts of investment executives at the Kansas University endowment and Community Foundation of Texas late last month. This week, attackers hit hedge fund Arena Investors, sending a malicious phishing email from its chief operating officer’s address.
Asian Investor: With cybersecurity challenges set to keep mounting, investing into the area seems a sensible move, not least because it offers asset owners a potential inside track to protecting themselves.
But Asia-based investors looking to do so face several hurdles, in addition to the high current valuations, something Singapore state investor Temasek is well aware of.
**Article may require free sign-in to read**
NCSC: The National Cyber Security Centre (NCSC) has defended the UK against more than 600 cyber attacks in the past year – bringing the total number to almost 1,800, new figures show.
Europol: Europol and Palo Alto Networks have signed a Memorandum of Understanding (MoU) to expand their collaborative efforts in combating cybercrime and working together to make cyberspace safer for citizens, businesses and governments.
Homeland Security News Wire: Companies interested in protecting themselves and their customers from cyber-attacks need to invest in themselves and the vendors that handle their data, according to new research from American University.
The target: FireEye, a publicly traded cybersecurity company in California.
The take: Corporate documents, details on client contracts and licenses, and personal login credentials.
The attack vector: Attackers used credentials exposed in public data breaches to access the personal accounts of a security analyst employed by FireEye. Once his accounts had been compromised, they were able to exploit his business use of those personal accounts to obtain sensitive information belonging to his employer.
On an individual level – this attacks highlights the importance of changing passwords and rotating credentials, particularly in the wake of a publicized credential breach. At the firm level - once confidential and sensitive information leaves a firm’s information systems, it’s completely outside of their control. Security policies must reflect zero tolerance for use of personal accounts to communicate on behalf of the firm or store/transfer sensitive and proprietary information.
Asian Investor: Cyber criminals continue to develop a variety of smart tools to plot hacking schemes and data breaches in today’s intricately connected digital world, in which almost everyone’s data is stored, processed and accumulated. Anybody can become a target.
**Article may require free sign-in to read**
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
168 Hobsons Lake Drive Suite 301
Beechville, NS
Canada, B3S 0G4
Tel: +1 902 429 8880
Manila
10th Floor, Two Ecom Center
Mall of Asia Complex
Harbor Dr, Pasay, 1300 Metro Manila
Philippines
Sydney
Level 15 Grosvenor Place
225 George Street, Sydney NSW 2000
Australia
Tel: +61 (2) 8823 3370
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy