Pimfa warns of 'alarming' trend in ransomware attacks

Pimfa warns of 'alarming' trend in ransomware attacks

The Personal Investment Management & Financial Advice Association has sounded warning bells over an "alarming new trend" in ransomware attacks.  

It comes as the trade body yesterday (September 21) confirmed a partnership with Mitigo Cybersecurity in a bid to protect its members against cyber-attacks. 

Lindsay Hill, chief executive of Mitigo, warned cybersecurity was now the "biggest threat to operational resilience and data security" in the financial advice and wealth management sector. 

Mr Hill said: "The FCA expects firms to have a ‘security culture’ from the board down, but we see ransomware and email account takeover on the rise.

"Working from home and dealing with clients and others remotely, can dramatically increase the risk."

Ransomware attacks see hackers access and encrypt a firm's data, before demanding a ransom from the victim as part of a promise to release the information back to the owner. 

A recent report published by internet security company Sonicwall warned of a 20 per cent increase in these type of attacks on a global scale this year. 

Pimfa and Mitigo Cybersecurity also warned of a new trend emerging over the past 12 months, where criminals steal a copy of the firm's data before encrypting it and once the first payment has been received threaten to publicly release confidential information until a second payment is made. 

Richard Adler, director of strategic partnerships at Pimfa, said: "Cybersecurity and operational resilience have been key concerns for many of our members, as well as the FCA since the start of the Covid-19 pandemic.

"It is sadly true that cyber criminals and fraudsters see opportunities to enrich themselves at the expense of others in times of financial and economic crisis.

"I would urge all our members to ensure they have sufficiently robust systems and processes in place to combat what are becoming ever more sophisticated attacks." 

The Mitigo Cybersecurity is not free for members, but Pimfa said its due diligence had confirmed it was a "trustworthy cybersecurity solution" to protect firms.

Recent months have seen increasing attempts from scammers and fraudsters to cash in on the uncertainty caused by the pandemic, with both consumers and businesses targeted as victims. 

In May scammers targeted financial advisers by sending fake emails purporting to be due diligence requests from the FCA and a similar attempt was made in September under the guise of a survey on the regulator's conduct rules. 

Advisers have been increasingly warned about the security pitfalls of working from home, with firms urged to keep on top of team training and proactively communicate with clients on the topic.  


What do you think about the issues raised by this story? Email us on fa.letters@ft.com to let us know.