Hedge funds besieged by hackers on a daily basis

by | May 1, 2019 | bobsguide

Hackers are exploiting inherent weaknesses in mature hedge funds on a daily basis, say a security vendor and the chief technology officer of an established fund, leading to huge boosts in cybersecurity spending.

“Hedge funds are being targeted simply because of cash movements where frequent large transfers are normal at a small business that doesn’t necessarily have all the controls in place,” says Jason Elmer, managing partner at Drawbridge, the cybersecurity consultancy.

For smaller funds, cyber threats have become an ever more daunting prospect as hackers become more efficient and the reputational effects of a breach become more severe, believes Elmer.

“We’ve seen it both sides, investors being targeted via a fund that was spoofed – we saw a capital call of $7m that didn’t go out the door – and we’ve also seen the other side where a wire to an investor has gone out with fraudulent transfer requests,” says Elmer.

A CTO of a New York-based hedge fund, who agreed to speak on grounds of anonymity, says that the sector is well aware of breaches and close calls.

“Of course [there are close calls and breaches] and people will be private about those things. The sort of attempts we get on a daily basis are hackers scanning your IPs, trying to find holes and phishing.

“There have been situations where there has been a data breach, and there’s been a full incident response to the point of letting investors know, the SEC know, the FBI know – I’ve known two instances of that in the New York area and those are bad situations to be in.

“The worst-case scenario would be getting a call from my CEO or CFO telling me that we’d wired X amount of money to somewhere and someone got access to their email accounts.

“Phishing has always been a problem. Particularly when we see technologies coming out that are specifically looking at adding artificial intelligence; we’ll see a lot more of that over the next three to five years. And even with the amount of technologies we can put in, the end user is always going to be the weakest link. How can we protect the user? Through education, mandatory training and due diligence,” says the fund’s CTO.

The CTO gives credit to the Securities and Exchange Commission (SEC).

“The SEC was slow to act initially but there were certainly folks like myself who saw the writing on the wall and realised, I don’t want to be the guy who comes into the office and has a breach and sees the fund closed down.

“In the last five years when we began to see things like cryptolockers [where files become encrypted for ransom] the industry woke up. It’s taken time and the SEC has woken up and put a lot of guidance out there and doing risk assessments and readiness programmes at funds and fining them,” they said.

However, Elmer suggests investors are driving a greater focus on cybersecurity.

“Regulators aren’t as much the driver as is the investor community. Frankly the stepped-up efforts of due diligence teams are actually conducting much more thorough exercises when they’re about to invest in a fund. That’s the biggest driver of our business,” he says.

With both regulators and investors paying closer attention to the security function, the fund’s CTO believes that vendors should be placed under the same scrutiny as his own employees.

“I know many organisations that have VPN tunnels where the vendor of a trading platform, portfolio monitor, or an accounting package has straight VPN tunnels with access to their own application servers.

“We don’t have any VPN tunnels for any of our vendors and they are treated as I would treat an employee with no admin rights, they come in over Citrix and by two factor authentication,” says the fund’s CTO.

The CTO believes that cybersecurity budgets have increased “perhaps even fivefold” over the past four years.

“I have to continually evolve in the cyberspace and stay abreast. I have to educate myself, talk to peers, talk to new vendors and go to security conferences. I might not stay ahead but I might not fall too far behind what the bad guys are doing,” says the fund’s CTO.
