The FBI issued a warning notification earlier this month that cyber-criminals were targeting companies engaged in significant financial transactions. Here’s the summary:
The FBI assesses ransomware actors are very likely using significant financial events, such as mergers and acquisitions, to target and leverage victim companies for ransomware infections. Prior to an attack, ransomware actors research publicly available information, such as a victim’s stock valuation, as well as material nonpublic information. If victims do not pay a ransom quickly, ransomware actors will threaten to disclose this information publicly, causing potential investor backlash.
This Dechert report on the FBI’s action says that companies engaging in IPOs or significant M&A transactions should not postpone security fixes their transactions are completed. Companies with major financial events on the horizon should be be particularly attentive to cybersecurity vulnerabilities, “including monitoring underground forums for stolen credentials.” The report says that the time period following closing of a merger is also perilous, and that cybersecurity processes and procedures should be aligned before the deal closes in order to reduce the risk.
– John Jenkins