Hackers target high net-worth individuals

There has been a staggering rise in the number of cyber-attacks globally in the past few years and particularly since the outbreak of Covid-19. With the digitisation of every industry and the reams of online data, the opportunity to go after what is seen as valuable assets or information is increasing.

Cybercrime is increasingly being directed at HNWIs (High Net Worth Individuals) and Family Offices. According to a Campden Research study, more than a quarter of ultra-high-net-worth (UHNW) families, family offices and family businesses, with an average wealth of US$1.1bn, have been targeted by a cyberattack.

High-net-worth individuals (HNWIs) are viewed as high-value targets by cybercriminals, and they are often more vulnerable than corporations due to their less robust security measures says Alphus Hinds, chief information security officer (CISO) for Standard Bank, CIB International. Cybercriminals regularly make use of publicly available information to build a picture of an individual’s footprint, which is used as part of a fraud campaign known as social engineering whereby fraudsters manipulate people to provide confidential information. The use of phishing emails is another way cybercriminals gain access to personal and confidential information.

Phishing requests often seem legitimate either requesting the receiver to click on a link, which directs them to a spoofed website requesting confidential information or to download an attachment so that malware is downloaded that can extract people’s banking credentials to access their financial accounts. This information is used by cybercriminals to perpetrate fraud on digital banking channels.

Business email compromise (BEC), which remains one of the costliest types of online fraud, is another method used to conduct online fraud. Alphus mentions that HNWIs typically engage via email with multiple sources across platforms and are often victims of BEC. In these instances, hackers will intercept a thread regarding a transaction and impersonate the other party. The individual may think the transaction is going to the intended party, but the money is then transferred to an account under the control of cybercriminals.

Further to the above, rogue mobile apps uploaded to popular app stores were up 140% compared to the prior year. Rogue mobile apps are apps created by cybercriminals to imposter banking apps to infect consumers’ devices with malware capable of harvesting user credentials to conduct account takeover attacks (the cybercriminal takes over the device to access digital banking to conduct fraud).

Due to South Africa being one of the top 3 destinations worldwide for phishing related attacks we encourage clients to remain vigilant and apply increased caution should they receive emails or even SMSs with links and individuals need to be very vigilant and judicious when determining which apps to download and make sure that these are verified’

As a result of the proliferation of online crime, governments have had to act swiftly to protect against threats to information. Sadly, they often do not have the best technologies or processes in place to protect this information. They have, however, undertaken to strengthen their security posture; how they go about security and preserving our information integrity through the introduction of data privacy and cyber security legislation.

While the introduction of these legislations provides some level of comfort, it is critical for HNWIs to understand that they are responsible for protecting their information, assets and loved ones.

The implementation of a cyber security plan in this context might not be a task that HNWIs want to take on themselves. There are third parties that specialise in this area and understand that operating globally comes with a host of different risks. Threats in China are different to that of the United States, for example.

2021 has witnessed a prolific rise in the scale and ferocity of ransomware attacks – from large financial demands to leaked data to major disruption of services. HNWI are not immune and are targeted by ransomware attacks.  At the heart of a ransomware attack, is the encryption of vital data/files denying organizations or individuals access until they pay a ransom to the ransomware crews (cybercriminals) in exchange for decryption keys. Cybercrime is always evolving; we have also seen a twist of the classic ransomware attack, with ‘ransomware crews’ asking for payment not to make stolen data public, in addition to wanting payment for decryption keys to regain access to one’s data. 

Security controls must, of course, be proportionate to the level of risk one faces, so it is important to consider what one wants to protect (valuable assets and confidential information), as well as how potential threats or risks will affect them. A good place to start is scanning one’s inbox to see if they have received any phishing emails, do not open them and be cautious when disclosing information. One may also want to make sure that they encrypt any sensitive information they view as valuable. Many are familiar with multi-factor authentication, which ensures that users are the only ones that can access their data.

Cyber insurance is becoming a key tool within the armoury of cyber defence at a corporate and individual level. HNWI must consider procuring cyber insurance as part of their cyber security strategy.

Many people confess to using the same password across multiple platforms, or a password containing personal information or worse, both. Alphus says that this makes them easy prey as they can be hacked with ease. Fortunately, password-less technology is now available. With a Microsoft account on Windows 10, users can opt for Windows Hello, which uses facial recognition or fingerprint scanning rather than a password to enable access into apps or platforms. Alternatively, password managers can generate a strong password that one need not remember. Finally, remember to never, ever write a password down.

These may sound like some of the most basic and simple security controls to put in place, yet most people do not make use of them. However, if users can get the basics right, they will cut out 80% of their vulnerability. This leaves 20% to focus on the concentrated, advanced, persistent threats.

HNWIs will typically have third parties represent them, and it is important to be sure the third parties are secure. It is essential to find out how they store information and who has access to it. In addition, there are third-party companies that perform third-party risk assessments on vendors and can verify they are secure and compliant. Standard Bank recognizes that trust is one of the most fundamental client needs. It is firmly established by preserving and protecting the information, data, and any physical assets of its clients. This is accomplished through the development of a rigorous security strategy and multiple controls Increasingly; cyber risk is not only a technology issue but a boardroom issue. It is a risk that potentially not only exposes our client but that of the corporation as well as if appropriate controls are not put in place to protect information, not only are parties and individuals exposed to cyber threats and data breaches but that of hefty fines under new legislation such as the GDPR.

Standard Bank’s security strategy involves a multi-layered approach that leverages both human and technology skills. It has several protections in place like antivirus software and technology solutions that ensure data is encrypted, emails are monitored for malware and phishing while closely observing the behaviour of those who have network access to prevent weaknesses. The cyber security industry has seen a rise in the security operations centre, which the bank has in place, where experts proactively hunt for threats 24/7, with the assistance of Artificial Intelligence.

However, while threat detection and monitoring are critical, being able to respond to those threats appropriately through a proper incident response plan is key. The Standard Bank mindset is verify first before you trust the source.