One of the biggest cybersecurity attacks ever, affecting the US credit scoring firm, is one of a series of cases to have driven tech security up wealth managers' agendas in recent years.
(Editor’s note: For some time, reports about cyber attacks have prompted thoughts that foreign state actors, such as China and Russia, among others, are at fault. And it is not just foreign agencies that have come under fire: the explosive claims made in 2013 by Edward Snowden about the US National Security Agency have raised concerns about the state’s treatment of private information. Paradoxically, these events have put a spotlight on the need to honour financial privacy at a time when governments have been hunting for beneficial ownership data. Cybersecurity is now a top-line spending and strategy area in the fintech space.)
The saga of how 147 million people were hit in 2017 by the hacking attack on credit rating firm Equifax took another twist earlier this week. The US Department of Justice has indicted four members of China’s People’s Liberation Army with the attacks. China has denied the allegations.
It is one of several attacks that have shaken sectors such as wealth management, forcing cybersecurity up the agenda for organisations such as family offices, advisors, private banks and investment houses. The hackers mostly affected Americans, but reports said some Canadians and UK persons were also affected.
A federal grand jury in Atlanta returned an indictment last week charging four members of the Chinese People’s Liberation Army (PLA) with hacking into the computer systems of the credit reporting agency Equifax and stealing Americans’ personal data and Equifax’s valuable trade secrets, the DOJ said in a statement on 10 February.
The nine-count indictment alleges that Wu Zhiyong, Wang Qian, Xu Ke and Liu Lei were members of the PLA’s 54th Research Institute, a component of the Chinese military.
“They allegedly conspired with each other to hack into Equifax’s computer networks, maintain unauthorised access to those computers, and steal sensitive, personally identifiable information of approximately 145 million American victims,” the DOJ’s statement said.
Attacks on other institutions, ranging from JP Morgan through to Germany’s rail network in recent years, have fuelled fear of cybercrime. Professional services firm Accenture put the cost of cybersecurity to the global economy at $5.2 trillion over the next five years.
“This was a deliberate and sweeping intrusion into the private information of the American people,” Attorney General William P Barr, who made the announcement, said. “Today, we hold PLA hackers accountable for their criminal actions, and we remind the Chinese government that we have the capability to remove the Internet’s cloak of anonymity and find the hackers that nation repeatedly deploys against us. Unfortunately, the Equifax hack fits a disturbing and unacceptable pattern of state-sponsored computer intrusions and thefts by China and its citizens that have targeted personally identifiable information, trade secrets, and other confidential information.”