Oftentimes, cyberattackers can be seen targeting fund management companies and institutional investors, essentially because they are involved in the turnover of a huge amount of money. A single mistake may lead to huge financial losses, as recently happened with Norfund and several other companies.
In May 2020, the Norwegian sovereign wealth fund, Norfund, lost more than $10 million (£8.2 million) in a cyber scam incident. The hackers posed as a finance company based in Cambodia, falsified information exchanges, and then tricked the company employees into transferring funds into a separate account owned by the hackers.
In March 2019, a phishing campaign dubbed "Beyond the Grave" was observed, that was designed to alter confidential data held by the targeted hedge funds. Active since January 9, 2019, it was targeting several renowned banking and financial institutions, including Elliot Advisors, Capital Fund Management, AQR, Citadel Baupost, Alliance Bernstein, and Group Marshall Wace.
In October 2019, attackers had targeted the hedge fund management company, Arena Investors, sending malicious phishing emails posing as a C-suite executive.
Fund management companies leaking data
Besides direct cyber attacks, fund management companies also face the risk of leakage and exposing their customer’s sensitive data.
In August 2019, Credia.ge, a Georgia-based microfinance company, exposed personal and loan information for thousands of its customers. The 2 GB of exposed data contained 142,571 user records, that were left exposed in a misconfigured Elasticsearch cluster.
In December 2019, the Washington-based accounting and wealth management company, Moss Adams, notified that a staffer’s email account was accessed by an unknown third party, resulting in the exposure of sensitive information including names and Social Security numbers of an undisclosed number of customer and employees.
Another noteworthy fraud case
In July 2018, two individuals, Vitaly Korchevsky (a former hedge fund manager), and Vladislav Khalupsky (a securities trader)were convicted for a $30 million fraud. They, along with other individuals, had hired a few Ukrainian hackers who broke into the networks of newswire companies like Marketwired, PR Newswire, and Business Wire to steal press releases ahead of distribution. Using the stolen data, they traded in the stock market and generated $30 million in illicit profit.