Contact us: 888-996-4642 |

How to Know if Your RIA Firm’s IT Network Has Been Compromised

We were asked to participate in a webinar with RIA in a Box to discuss how to put policies in place and better protect your RIA firm from cyber attacks. One of the questions that participants sent in was “How do we know when our network or website has been compromised?” It’s a common question, so we wanted to address it here for our readers.

The answer is it is not always easy to detect a compromise. Even very large firms may not know they have been compromised until the FBI knocks on their door. What makes it hard to detect is that hackers have become very stealthy. Most compromises last a significant amount of time. The hackers may break in now but then they sit on the data for months, which makes it hard to identify if and when your network was compromised.

Most Common Cyber Attacks

The two most common methods of attack are phishing and watering holes. Phishing is where you receive an email from an apparently trusted website and you click on a link, allowing the hacker access to your system to gather sensitive information. You may remember getting an email that looks like it came from your bank but something was off and you didn’t click or follow the instructions. These used to be easy to spot, but not anymore. Hackers get more and more sophisticated every day and more people have fallen prey to a phishing attack because the email seemed to come from their boss. With the amount of information out there online, hackers can make some educated guesses that fool a lot of people.

A watering hole attack is where the attacker guesses or observes which websites your employees often use and then exploits a vulnerability in that website to place malware on it without the site owner knowing. Eventually some of your employees get infected and it spreads from there. For example, a Chinese attack group infected back in November in a watering hole attack targeting visitors working in the financial services and defense industries. These watering hole attacks are insidious because you would never think that a high profile site like could be infected.

Another thing to look out for is a computer that appears to have been tampered with. If an employee turned off his or her computer when they left work and it’s on or has windows and programs running when they return in the morning, a hacker may have been able to access the network, trying to steal important information.

How to Protect Your Firm from Cyber Attacks

The best way to protect your network and identify if it may have been compromised is to have policies and procedures in place that encourage your staff to identify when they see something out of the norm. A file folder in a directory where it shouldn’t be. An oddly named file sitting on someone’s desktop. A computer that is on and running an application when it shouldn’t be.

While your employees are your weakest link when it comes to cyber attacks, they are also your first line of defense. They can help spot problems and better protect your firm if you do the following:

    1. Train your employees on cyber security. This can’t be stated enough. Train your people not only on what to look for but also on what to do if they think the network has been compromised. Have a written policy in place and share it with every employee so they know who to call and what to do if they suspect a compromise. Explain the potential impact a cyberattack may have on your firm’s operations and reputation, let alone what it might mean for your customers. Spell out employee obligations, particularly with the use of mobile phones or using Wi-Fi in public areas like hotels or conferences. Cyber security should definitely be a large part of new hire training.
    2. Create a culture that is an open and encouraging environment. Your staff needs to feel like they can report issues without repercussions. No one wants to admit that they fell prey to a phishing scam. It’s embarrassing. There is a stigma around opening an email and suddenly the screen flashes a few times. Most people are scared that they have done something wrong but they don’t report it. They don’t want to be the one that caused all of the problems with the system. However, ignoring it or pretending it didn’t happen can cause your firm and your clients significant damage. By creating a culture and an atmosphere where people aren’t afraid to communicate and identify potential issues, it is a great step towards protecting your network. Encourage cooperation, not just compliance. Everyone needs to work together to keep the firm safe.

Want to watch the whole cyber security webinar replay for even more on how to protect your RIA firm from cyber attacks? Here’s a link to the cyber security webinar.

If you have more questions about cyber security and how to comply with SEC mandates, please give us a call at 224-563-3602. We are happy to help. We only serve RIA firms, so we understand the complexities of your industry and can share best practices in cyber security to help you protect your business and your clients.

Knowing that cyber security is probably a top initiative for you, we wanted to let you know about two solutions we have developed to help our customers protect their firm and comply with SEC cyber security mandates. The first solution for existing ĪTEGRIA® customers is Total AdvisorSecure™, a solution that uses a suite of robust tools, allowing us to scan your system to identify risks and vulnerabilities, pinpointing all the weaknesses that could leave you at risk for malicious and criminal behavior that could compromise your and your clients’ most sensitive information. We also proactively work with you to design a robust Security RoadMap that is unique to your firm.

Additionally, we have a new cyber security solution in the works for clients who aren’t currently having us manage their IT network. Sign up for our newsletter to receive more information on that solution when it is announced.


You May Also Like:

Valuable Cyber Security and Compliance Tips for RIA Firms

CEOs Need to Walk the Talk Regarding Cyber Security

How to Make Managing Your RIA Firm’s Technology a Little Easier