
Mitigo: Cybersecurity in a year of crisis

25 November 2020
A must read for all IFAs, their leaders and everyone responsible for security and business resilience

With this year having seen a global pandemic, urgent concerns about climate change and the uncertainty of Brexit consume much of our lives, TV and the press, some business leaders may have taken their eye off the growing threat posed to businesses in general – and financial services firms in particular – by the proliferation and increasing sophistication of cybercrime.

The emergence of new and disturbingly effective methods of cyberattack during the last 12 months only serves to demonstrate the ingenuity of the criminal gangs responsible, and why your cyber risk controls may well no longer be adequate. As methods of attack continue to evolve – and they most certainly will – so must our defences and controls.

A doubling of opportunities for ransomware

One of the most frightening forms of attack, ransomware can leave firms operationally crippled, waste senior management time, and seriously damage or even destroy client relationships. It has been estimated that the average downtime (i.e. material business disruption) following an attack is now 19 days.

Previously the malware usually got into your system when someone clicked on a link, letting in the ransomware that automatically found data and files to encrypt. Now, criminals can automatically scan firewalls, looking for ports and vulnerabilities to gain access. And with so many people currently working remotely on poorly configured connections and devices, they are hitting the jackpot.

Worse still, the way the attack progresses has also changed. Once you’ve been breached, the bad guys no longer just go straight to the encryption stage. They often take their time examining confidential client and proprietary data.

Then they steal the material they think will cause you maximum pain if it’s made public. Which gives them two ransom opportunities. First, they demand payment for the decryption key. Next, they threaten to release publicly, piece by piece, the confidential data they’ve stolen about you and your clients. Unless, of course, you pay up.

The critical thing to understand here is that even if you have perfectly configured backups (which we rarely see), they will still not be enough to protect you and your clients. No surprise, then, that the amounts demanded as ransom, and the amounts actually being paid out, have shot up. You need to give serious consideration to additional protection.

Multi factor faking

Another thing that’s evolved is how very easily people can sign into and misuse your email account.

A while ago, crooks would usually get hold of your email address and password via phishing attacks or by buying your credentials on the dark web. They could then log in, send and receive emails as if they were you, spy on your mail, steal information, divert payments and so on.

Office 365 multi-factor authentication (MFA) was designed to put a stop to this, preventing anyone else from logging into your account unless they also had the second factor, usually a code sent by text to your mobile phone. But not any more.

2020 has seen new ways of getting around MFA. Notably, fraudsters can now accurately mimic the Office 365 login page. So you think you’re typing into Office 365, but in fact it’s a fake cover page, which automatically enters your credentials into the real Office 365 page, except from the fraudster’s computer.

When the text with the code comes through to your mobile, you type that in too – why wouldn’t you? And the criminals have successfully logged in as you, free to do what they want. And when they’ve enabled the optional 60-day validity period, they’ve given themselves 60 days’ access.
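Why a texted code passes straight through a look-alike page, and why an origin-bound second factor does not, can be shown with a small model. This is an added illustration, not part of the original article or Mitigo’s material: the origins, password, code and device key are constructed stand-ins, and the “origin-bound” factor is a simplified stand-in for a FIDO2/WebAuthn authenticator, which signs over the origin the browser is actually on.

```python
"""Toy model of the relayed MFA sign-in described above.

Constructed illustration: not Office 365's real protocol. The origins,
password, code and device key are made-up stand-ins."""
import hashlib
import hmac
import secrets

REAL_ORIGIN = "https://login.real-service.test"          # constructed: genuine sign-in page
FAKE_ORIGIN = "https://login.real-service-login.example"  # constructed: look-alike page

PASSWORD = "correct horse battery staple"  # constructed user credential
SMS_CODE = "482913"                        # constructed: code the real service texts to the phone
DEVICE_KEY = secrets.token_bytes(32)       # constructed: key held by the user's authenticator


def _assertion(origin: str, challenge: str) -> str:
    """Stand-in for a WebAuthn assertion: a MAC over (origin, challenge)."""
    return hmac.new(DEVICE_KEY, f"{origin}|{challenge}".encode(), hashlib.sha256).hexdigest()


class IdentityProvider:
    """Server side: knows the password, the code it texted and the registered device key."""

    def __init__(self) -> None:
        self.challenge = secrets.token_hex(16)  # fresh per sign-in attempt

    def accept_sms(self, password: str, code: str) -> bool:
        # A texted code says nothing about WHERE the user typed it, so it relays unchanged.
        return hmac.compare_digest(password, PASSWORD) and hmac.compare_digest(code, SMS_CODE)

    def accept_origin_bound(self, password: str, assertion: str) -> bool:
        # Only an assertion made over the server's OWN origin and challenge is accepted.
        expected = _assertion(REAL_ORIGIN, self.challenge)
        return hmac.compare_digest(password, PASSWORD) and hmac.compare_digest(assertion, expected)


def sms_login_via_fake_page() -> bool:
    """User types password and texted code into the look-alike page, which forwards both."""
    idp = IdentityProvider()
    return idp.accept_sms(PASSWORD, SMS_CODE)  # True: the relay is indistinguishable from the user


def origin_bound_login_via_fake_page() -> bool:
    """Same relay, but the authenticator signs over the origin the browser is really on."""
    idp = IdentityProvider()
    assertion = _assertion(FAKE_ORIGIN, idp.challenge)  # browser address bar shows the fake origin
    return idp.accept_origin_bound(PASSWORD, assertion)  # False: origin mismatch, relay fails


def origin_bound_login_direct() -> bool:
    """Control case: the user is genuinely on the real page."""
    idp = IdentityProvider()
    return idp.accept_origin_bound(PASSWORD, _assertion(REAL_ORIGIN, idp.challenge))  # True
```

The practical takeaway is that moving users from texted codes to a phishing-resistant factor removes the relay opportunity, whereas a better-trained user only reduces it.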

The growth of the criminal ecosystem

Of all the many routes by which businesses can be cyber attacked, the exponential growth of ransomware is arguably the most telling. So let’s pick up the story again and take a look at where it’s heading. This is a high stakes game, and given the kind of data held, financial services firms are at existential risk.

So why the rapid growth? Well, it’s becoming more easily achievable. It can be hugely profitable. And the chances of criminals being brought to book are almost non-existent.

Attack tools are now freely available, as are low-cost Ransomware as a Service (RaaS) kits. So aspiring cyber crooks no longer need high levels of technical knowledge to get involved. Affiliate ransomware platforms offering RaaS provide easy market entry and, especially with more remote working, ample opportunity for good returns.

At the same time, there has been an increase in so-called ‘big game hunting’ – the process we mentioned earlier – where more thoughtful and focused attacking gangs examine more closely the opportunities that successful breaches provide for financial gain, whether by theft of money or by high-value ransom.

Lower-ranking criminals add to the risk, using the RaaS model to function as ‘lead generators’, earning a cut or commission by passing on the opportunity to the big boys, who will be better able to fully exploit the financial blackmail potential of the breach.

The cost of ignoring the problem

Ransom inflation, as we indicated, is compounding the problem. Research suggests that by Autumn 2020, the average ransom being paid was $233,000 (approximately £177,000), rising sharply for larger organisations.

This is no surprise: the crippling business disruption, combined with the exfiltration of high-value data (the ‘steal then encrypt’ model), results in criminals having much greater negotiating power over their victims. As a result, firms feel under greater pressure to give way to ransom demands to prevent their own and their clients’ confidential data from being released publicly, even when system recovery from backups is possible.

From the attacker’s business perspective, the ransomware-to-payment ‘conversion rate’ has gone up very substantially, including for the smaller RaaS players, who are also now seeking higher ransom returns.

A market that’s here to stay

Given the amounts of money involved, the sophistication of organised cybercrime gangs shouldn’t come as a shock. This is a thriving market. And like any successful business, these operations now have their own PR machines, with websites and press releases announcing breaches, naming names, and the theft of data – threatening to make it public, if ransoms aren’t paid.

This market, again, like any other, has its own dynamics. And analysis shows that the ‘market share’ of different ransomware players and affiliate programmes has changed throughout the year. Big players like Sodinokibi (aka REvil), Maze and Phobos saw their share of total attacks go down due to the incursion of smaller players and the emergence of new entrants to the market.

This speaks to two somewhat disturbing issues. One, that this is an established market that is not going to go away. And two, that the proliferation we spoke of is accelerating.

The critical concerns of the FCA

The rise in the volume and sophistication of cyber attacks in the sector and the accompanying threat to business operations are of increasing concern to the FCA.

A relatively large proportion of all incidents reported to the FCA now relate to cyber attacks, with disruption from cybersecurity incidents one of the biggest challenges to operational resilience.

Effective cybersecurity is not just a technology issue. Rather, the biggest vulnerability lies in the day-to-day practices of people. So effective configuration of technology must be accompanied by proper training and effective policies and controls.

Firms should also question their reliance on third party IT providers to provide security. And a big concern is that many firms are still not taking the right steps to test or audit their policies, processes and systems, which should be reviewed regularly, by someone independent.

All regulated firms are expected to have appropriate cyber risk management in place and a “security culture” from the Board down. Firms should bear in mind that, even where cybersecurity is not specifically allocated in an SM’s statement of responsibilities, responsibility will ultimately fall on the firm’s CEO/Partners, on the basis of their overriding responsibility to run the business in accordance with proper governance and risk management principles.

Successful cyber attacks are now happening with increasing frequency against firms of all sizes. Leaders have a responsibility to satisfy themselves that the right measures are in place and regularly reviewed to protect the firm, their partners and clients. They should not be relying on generalist IT support. Savvy leaders already know this.

Paradigm has partnered with Mitigo to offer technical and cyber security services to our members. 

Take a look at Mitigo’s full service offer at https://www.consultparadigm.co.uk/strategic-partners/mitigo 

For more information contact Mitigo on 0161 8833 626 or email [email protected] 
