Eleven Lessons From Cyber Hack That Forced an Australian Hedge Fund to Close (Part One of Two)

Telling people that if they do not take certain steps, something bad will befall them may not be sufficient to motivate them to take action. Instead, a real-life example of someone similar suffering from the forewarned harm may be required to get an individual to take the threat seriously. Case in point: although hedge fund managers have been repeatedly warned by the SEC, other governmental agencies and industry experts that they are attractive targets for cyber criminals, many managers still have not devoted sufficient time and resources to building effective cybersecurity programs. Perhaps those managers will beef up their cybersecurity now that one of their own has been forced to close after being hacked by cyber criminals who used a fake Zoom invite to gain access to the fund manager’s email system. This two-part series provides 11 lessons that fund managers should learn from the incident that cost the Australian hedge fund manager $800,000 and a major investor – and compelled it to close up shop. This first article describes the incident and explains the first three lessons. The second article will lay out the remaining eight lessons. For a look at a similar attack against three British private equity firms, see “Vulnerable Fund Managers Are Targets of Cultural Engineering Cyber Attacks: How Can Your Firm Avoid Being Next?” (Nov. 5, 2020).

To read the full article

Continue reading your article with a HFLR subscription.