FBI: Cyber Attacks Target Organizations Involved in Mergers and Acquisitions
A new notification from the FBI warns organizations of attacks at the perfect time when organizations are spending money, new people are being introduced, and operations are in flux.
Threat actors like nothing more than a dash of chaos when it comes to timing their attacks. If they can get the social engineering theming just right, that chaos – when added to a sense of urgency – causes individuals to rush and not think actions through properly. This allows cyber attacks to succeed far more often than they should.
According to the FBI notification, the threat actors responsible are very aware of who they are targeting: “During the initial reconnaissance phase, cyber criminals identify non-publicly available information, which they threaten to release or use as leverage during the extortion to entice victims to comply with ransom demands. Impending events that could affect a victim’s stock value, such as announcements, mergers, and acquisitions, encourage ransomware actors to target a network or adjust their timeline for extortion where access is established.”
Judging from the warning put out by the FBI’s Internet Complaint Center (IC3) earlier this month, cybercriminal gangs are using these major financial events as the perfect juncture for ransomware attacks involving extortion. Think about it – let’s take a fictitious public company being bought by a private investment firm. The entire cost of the deal revolves around the stock price. Now, if a ransomware attacker can succeed in stealing data from and encrypting the systems of the public company, having the public find out could cause the stock price to diminish – thus lowering the value of the company and its purchase price.
If your organization is going through a merger or acquisition (or planning to in the future), it’s imperative that you put up the strongest possible defense against ransomware – which includes the use of Security Awareness Training to include users in the defending against such attacks where malicious email content finds its’ way past security solutions and into the user’s Inbox.