Context Magazine

Something Amisss?

Edition 3 - The global issue

HNWIs and wealthy families are prime targets for cyber criminals, who are becoming more active and more sophisticated in their modes of attack. Here we look at what steps people can take to protect their assets, their finances and their families.

Cyber criminals have wealthy families and high net worth individuals (HNWIs) firmly in their sights. It might be tempting to assume that only large companies need to worry about falling victim to a cyberattack, but criminals prey on all our optimism.

Even before Covid-19, planned attacks on HNWIs were on the rise. A study by Campden Wealth found more than a quarter of wealthy individuals had been targeted at least once. But since the pandemic, as society has moved to working from home, or in hybrid environments, their digital activities have accelerated, increasing their vulnerability to cyberattacks.

“At the height of lockdown, GCHQ received 160,000 reports of suspicious emails in a single week,” says Penningtons Manches Cooper Partner Alex Fox. “Even the former head of MI6 fell victim to an attack – if he is vulnerable, we all are.”

Cyber criminals are well-organised and do their research, often mining publicly available intelligence, including social media, in order to target their victims. They also access open sources on the dark web and sell information that might help with an attack or share vulnerabilities they have identified.

Staying safe and savvy

Well-prepared attacks can be highly convincing. One HNWI recalls receiving a message from a family office adviser he knew well, asking him to use his email and password details to log into a Dropbox account. When he tried and failed, he assumed there had been an IT glitch; in fact, the message had come from a fraudster, not the adviser – and that was the start of an attempt to steal £1 million.

In another case, the head of a Middle Eastern family discovered one of his advisers had sent a series of five-figure payments to an account he didn’t recognise. When questioned, the adviser produced emails, apparently from the victim, ordering the payments. Investigators discovered the victim’s email account had been compromised while he was using a public Wi-Fi connection.

“It’s often the simple things that people don’t think about,” says Benedict Hamilton, Managing Director in the forensic investigations and intelligence practice of security adviser Kroll. “They neglect password and Wi-Fi security, and they don’t worry about public information that exists about them – that’s how the attacker pounces.”

Points of Vulnerability

Everyone should have basic security features such as high-quality firewalls, anti-virus protection and up-to-date software and devices in place at home as well as work, but HNWIs may need extra help.

Kroll’s Benedict Hamilton suggests hiring a cyber security professional to assess your vulnerabilities and advise on how best to protect yourself. “We perform this service for HNWIs frequently and it’s rare that we don’t find some sort of weakness,” he says.

Such experts can also audit the advisers and providers with whom you work to see if they represent a weak link. You may want to consider running background checks on your own staff – employees with access to systems are a weak point in many organisations.

However, improving your cyber security may also require you to change behaviours. Think carefully about what personal information you share online – and what information your friends and family share. Be automatically suspicious about all digital communications you receive, particularly where they are requesting any kind of information.

Still, even with these preparations in place, attacks may sometimes get through. “Our advice is to always assume that you’re going to get breached,” explains Tony Macey, Chief Technology Officer at cyber security adviser Mollis Group. “Think about how you can reduce the blast radius – for example, do you need to keep personal information or financial information on the same system as everything else?”

Good preparation, and if necessary a robust response, is vital.

Prepare and protect

Criminals’ motivations vary too. Sometimes, the goal is to steal from the target. In other cases, they might be after private information, which can be sold on or even used for extortion and blackmail. Ransomware attacks, where attackers take control of your systems and demand cash to unlock them, have become increasingly common in the last few years.

How then do HNWIs protect themselves? Fox says: “You need to take steps to protect yourself now, but also have plans for what you would do if an attacker gets through, as well as who you’d approach to recover after a scam.”

The natural response is to freeze when you realise you’ve fallen victim to a scam, warns Fox. “Call the experts for advice straight away, leave your PC switched on so that records of the attack aren’t lost or deleted and get as much information from the attackers as possible.”

Similarly, have plans in place for any recovery action. Keeping your data backed up on an independent PC or IT system will be invaluable if your current system is compromised, for example. You may also need further professional specialist advice in the wake of an attack. “If you have sensitive information stolen, there are legal routes you can explore to seek damages and secure injunctions to try to prevent the information being shared further or otherwise misused,” adds Fox.

The bottom line is that you need to be prepared for all eventualities. Vigilance will help you ward off many attacks but accept it is likely that some will get through – so you need to be ready to fight back.

Arrow GIFBack to Edition 3 - The global issue

Penningtons Manches Cooper LLP

Penningtons Manches Cooper LLP is a limited liability partnership registered in England and Wales with registered number OC311575 and is authorised and regulated by the Solicitors Regulation Authority under number 419867.

Penningtons Manches Cooper LLP