Cybercriminals are targeting businesses of all kinds with ransomware attacks. As these attacks become more sophisticated, carrying the potential to effect a wholesale inability to access a firm’s entire electronic infrastructure, ransom demands have increased — often reaching eight figures. Because these denial of access attacks have been so effective, making ransom payments has become mainstream in corporate America.
Private fund managers may be particularly attractive targets. Firms that are active traders could face potentially large trading losses if locked out of their systems. Firms that buy controlling stakes in companies could face ransomware attacks at both the manager and portfolio company levels.
With the recent surge in ransomware incidents, driven in part by vulnerabilities created due to the COVID-19 pandemic,[1] it is more important than ever for fund managers to take steps to safeguard their systems and data against an attack. Recent alerts from the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) and the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (“CISA”) underscore the importance of…
