Financial advisors know all too well that they need to protect their business from cyberattacks, but the problem may be bigger than many may imagine.
Greg Ruppert, vice president for financial crimes at Schwab, speaking at Schwab’s Impact 2015 conference in Boston, said he saw hundreds of overnight cyberattacks when he headed the FBI’s Cyber Division, before joining Schwab in 2014.
Cyber threats are “nonstop and touch our lives daily,” said Ruppert. “24/7, 365 days a year… The targets are your firm, you, your employees and vendors.”
Ruppert warned that not being online could be even more risky because you’re “not aware of what is out there about you.”
Indeed, on Tuesday, the U.S. attorney for the Southern District of New York revealed that the three men accused of last year’s big breach of JPMorgan’s database are also accused of hacking into the customer databases of other firms including TD Ameritrade, Fidelity and Dow Jones, and Atlanta prosecutors charged two of the men with attacking the databases of E-Trade Financial and Scottrade. And last weekend Comcast disclosed that 590,000 Comcast email addresses and passwords were stolen – only 200,000 were reportedly active users.
Howard Ward, chief investment officer of GAMCO Advisors, said in another presentation at the Schwab conference there were 43,000 cyberattacks in the U.S. last year and investing in cybersecurity will be “the next big thing.”
Hackers are “no longer the 14-year-old in his mom’s basement; [but] now organized enterprises with billions of dollars at stake,” Ruppert said. They “can mine your data, figure out who you are, and go to places where you automatically infect yourself.“
One of the most popular attacks involves “spear phishing,” said Ruppert. That’s when hackers send emails that appear to be from an individual or business the recipient knows. Opening the email, however, gives the hackers access to personal financial information like Social Security and credit card numbers.
One of seven daily emails includes spear phishing, and about 30-35% contain some kind of malware, Ruppert said. “It’s “the gift that keeps on giving.”
Clyde Langley, vice president of fraud prevention and investigations at Schwab, told the advisor audience that four out of 10 of their clients’ emails are being compromised at any one time, and many won’t even know it.
Hackers are “watching the traffic and waiting for the opportune moment” to strike, said Langley, who spent more than 15 years at the FBI supervising and investigating cybercrimes and financial crimes.