The UK wealth management group hasn't elaborated on the details of how its business was targeted. WealthBriefing talked to an expert about the issues involved.
Recent reports that UK-based Succession Wealth has been targeted by cyber attackers are a reminder to the sector of the threats that exist in the space.
“While purely speculative at this point, the verbiage in Succession Wealth’s statement would seem to indicate that there is a possible chance that this is a ransomware situation which would be quite serious. The ramifications would be based on the impact, which isn’t publicly known right now,” Christian Scott, chief operating officer and chief information and security officer, Gotham Security, an Abacus Group Company, told this news service.
Succession Wealth, which since last August has been completely owned by Aviva, the insurer, reportedly said earlier this month that it is probing the matter and has told the appropriate authorities. It hasn’t elaborated on specific details. WealthBriefing has contacted Succession Wealth for comment. It had not received a reply at the point of going to press.
“The security of our clients’ information is our top priority and, as a precaution while the investigation is ongoing, we have quickly introduced additional security measures,” the company has been quoted as saying in various media reports.
“Organisations are having a tough time adapting to the increasingly sophisticated tactics of malicious actors, particularly when it comes to multi-factor authentication bypass attacks as well as post-user-compromise detection and containment,” Gotham Security’s Scott continued.
“Many organisations have become too reliant on a one-time snapshot approach to monitoring the external attack surface of their perimeter via annual network penetration testing. Many organisations fall short when it comes to internal safeguards, such as practising the principle of least privilege and having effective segregation controls.”
“Wealth managers can better protect themselves by incorporating social engineering alongside their network penetration testing to truly emulate a sophisticated malicious actor targeting their organisation,” Scott continued.
“Network penetration testing alone is not enough because it only focuses on technical vulnerabilities rather than the human factor, and 80 per cent of security incidents involve people. Organisations should also consider increasing the cadence of their security testing beyond an annual basis because the security climate changes so quickly.”
Cybersecurity remains an important issue for the world’s wealth management industry. In the US, new Securities and Exchange rules are due to come into play in the spring of 2023, forcing listed companies to report their cyberattacks to core stakeholders, such as investors, customers, and regulators. At present, 85 per cent of such cyberattacks are unreported by organisations because businesses fear a loss of confidence from the public (source: Public Finance, 15 October).
A study of more than 250 single-family offices in 12 countries finds that almost three-quarters of them suffered a breach caused by cyber-attackers, yet 72 per cent don’t have an incident plan to handle the risks and 61 per cent don’t have processes to spot breaches.