Cyber Threats Targeting Mergers and Acquisitions

Recommendations

Info

1. Introduction Mergers and acquisitions can be exciting, but they are also marked by hectic, stressful and frustrating periods. Vigilance is required at all stages throughout the M&A process, as a failure to secure sensitive information constitutes both a threat to the organization and an opportunity for threat actors. Over the past several years, there have been notable examples of organizations facing cyber threats as a result of vulnerabilities that have emerged while going through a merger or acquisition. But what can organizations do about this? By understanding both how and at what stage of the M&A process these threats occur organizations can mitigate them. 4 Any additional information can go here as a part of the footer (Edit the C-Master to update this text)
2. Associated threat actors While corporate espionage is nothing new, its impact on the financial market and proprietary IP by exploiting corporations involved in standard business practice has become more prevalent in recent years. Following are a few examples of methods used by cybercriminal groups to profit from companies going through the M&A process. FIN4 First reported in December 2014, a threat actor group identified as FIN4 attempted to access the email accounts of senior leadership across 100 publicly traded companies or advisory firms that provide M&A services such as investor relations, legal counsel and investment banking. The group used common financial investor and shareholder-themed social engineering lures to gain information likely intended for use in insider trading. In December 2015, the FBI disseminated an advisory to private industry warning that criminal actors are targeting privileged information about companies to facilitate securities fraud. The advisory noted that traders might seek this kind of information from hackers-for-hire on the criminal underground and referenced FIN4 as a group engaged in this kind of behavior. Tactics include the use of phishing emails to distribute Trojans armed with keylogging capabilities and injection of malicious code into the macros of email attachments designed to dupe victims to enter their e-mail credentials. This data is then sent to the attackers. Specific information about the extent of such malicious activity was not provided, but it is likely that the advisory was prompted by a rise in this type of activity. DarkHotel As early as 2007, a group named DarkHotel waited for their specific victims, comprised of corporate executives and high-tech entrepreneurs travelling to various international hotels, to connect to the hotel Internet. At which point DarkHotel would infect them with a rare APT Trojan. They relied heavily on the very strong likelihood that their targets would connect over a hotel’s wired or wireless network. The attackers also compiled extremely precise targeting information about the victim’s visit, much like they would for a a spear-phishing attack. In preparation for the attack, DarkHotel members gathered the target’s expected arrival and departure times, room number and full name, among other information. This data enabled the attacker to present the malicious content precisely to the individual target with minimal risk of raising suspicion. 5
Page 1 and 2: Cyber Threats Targeting Mergers and
Page 3: Executive Summary Global merger and
Page 7 and 8: 3. Steps of the Merger/Acquisition
Page 9 and 10: Marketing Marketing plays an import
Page 11 and 12: Conclusion There is demonstrable ev
Page 13 and 14: 6. Standards and Compliance • Lis

Cyber Threats Targeting Mergers and Acquisitions

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?