Shrewd hackers are pursuing information on mergers, security firm says
A sophisticated group of hackers is taking advantage of the current mergers-and-acquisitions boom to target publicly traded companies and their executives involved in pending deals, a new study says.
More than 100 firms have been targeted since at least mid-2013 with the aim of gleaning confidential information that might be used to gain an edge in stock trading, according to cyber security firm FireEye Inc. in Milpitas, Calif.
The study says the hacker group, about which little is known, has gained access to the email accounts of executives, lawyers and others involved in public company deals, often using code from previously stolen documents to mimic normal Windows authentication prompts for user names and passwords.
Other tactics involve using previously stolen merger documents or sending highly tailored phishing emails to lure targets into discussions about confidential topics.
The rise of M&A-specific hacking comes amid a boom time in the merger business. Global deals have topped $3.2 trillion so far this year, the most since the financial crisis of 2008, according to banking research firm Dealogic.
The healthcare sector leads the way, accounting for more than 13% of the value of the all deals. As it happens, more than two-thirds of attempted M&A hacks have come at health-related firms, FireEye said.
The hacks also have sought information about clinical drug trials, insurance reimbursement rates and pending legal cases.
The hacker group, which FireEye calls “Fin4” because of its concentration on financial targets, has showed it is well-acquainted with Wall Street idioms and the nuances of the arcane world of mergers and acquisitions.
In one case, it sent a Securities and Exchange Commission filing from the hacked account of one merger consultant to lure an executive at another consultancy into a discussion about the pending deal.
The rise of M&A hacks also comes at a time of increased government vigilance over insider trading.
The conviction in October of David Riley, former chief information officer at Foundry Networks Inc., marked the 87th insider-trading conviction by jury verdict or guilty plea in federal court in Manhattan over the past five years, according to U.S. Atty. Preet Bharara in Manhattan.
