POWERED BY MOMENTUM MEDIA
Phishing attacks biggest cybersecurity threat
Business email compromise (BEC), otherwise known as “phishing” attacks, is the most common and most serious cybersecurity issue for superannuation funds, according to a whitepaper from financial services technology provider SS&C Technologies.
“The most valuable commodity on the dark web is sensitive, confidential client data, what security experts call personally identifiable information or PII,” the whitepaper said.
“In the PwC 2018 Global State of Information Security survey for Mainland China and Hong Kong, customer records were the most commonly acknowledged target of security infractions.
“Superannuation funds also hold valuable trade secrets, such as proprietary research or trading algorithms, which could cause serious financial and reputational damage if compromised.
“And of course, there are the fund assets themselves – sophisticated thieves are not merely after data, but are employing nefarious means to steal money from funds, the financial gain is among the top motivators for a cyber-attack.
“Apart from these direct risks, Superannuation funds also face regulatory pressure to make sure they have security controls and incident response plans in place.”
The whitepaper said in early 2019, an email began circulating among fund firms that appeared to be from a legitimate researcher.
“It referred to rumours that the European Securities and Market Authority was considering suspending short selling under Brexit, and offered a briefing document on the topic,” the whitepaper said.
“When recipients clicked on the link to obtain the briefing, they were greeted with a blank page, raising suspicions that the email was planting malware in the firms’ systems.
“Those fears were exacerbated when the purported attacker boasted about having compromised several firms in an online forum, and threatened more.”
Anthony Caiafa, SS&C chief technology officer, said the company had invested heavily in security measures.
“Including the deployment of a global Security Information and Event Management (SIEM) system to gather threat intelligence from a variety of sources and correlate it with our systems internally to ensure we have a secured environment,” Caiafa said.
“We have also partnered with an industry leading provider of email protection solutions to flag and block suspicious emails and spam.
“Whether this “phishing” attempt was an actual cyber-attack or an elaborate hoax, as some suspect, it nonetheless underscored the vulnerability of funds to cyber threats.”
Recommended for you
With the merger between Mine Super and TWUSuper in its late stages, the head of the soon-to-be combined fund is the latest to join ASFA’s board.
The fund has announced new additions to its trustee board.
Brighter Super has confirmed an executive search is underway to succeed its long-serving chief financial officer Garnett Hollier.
The research house has hired an experienced product specialist for its Australasian team.
TOP PERFORMING FUNDS
ACS FIXED INT - AUSTRALIA/GLOBAL BOND
Fund name
3y(%)pa
1
Spire Oaktree Opportunities XI Second Close
36.43 3 y p.a(%)
2
Spire Oaktree Opportunities XI First Close USD
35.08 3 y p.a(%)
3
DomaCom Lot 21 Chellaston Road Munno Para West SA 5115 Australia
31.72 3 y p.a(%)
4
Fidante Credit Suisse Global Private Equity
29.60 3 y p.a(%)
5
Global X GlobalX FANG+ ETF
27.64 3 y p.a(%)
