Companies in M&A talks better watch out for cyber attacks

Security

by Byomakesh Biswal| 16 June 2014

Warning over terms, business plans and data to give advantage at the negotiating table.

Companies in M&A talks are increasingly the target of cyber attackers looking to steal sensitive information.

Firms involved in mergers and acquisitions talks are often being targetted for breach through one of the merging or acquired company's subsidiaries' and through partner networks.

FireEye security researcher Jen Weedon said in a blog, "Some threat groups compromise an organization's environment and then move laterally over a connected network to a partner or subsidiary, while others rely on social engineering tactics, such as the use of phishing emails that appear to be from employees at the partner company."

"We have seen China-based threat groups previously compromise targets by taking advantage of trusted relationships and bridged networks between companies," Weedon said.

These threat actors target to steal executive emails, negotiation terms, and business plans and information which act to the advantage of the rival companies involved in business negotiations.

"Companies involved in mergers and acquisitions need to be aware of the risks they face from threat actors intent on conducting economic espionage. Entering into a merger or acquisition with an organization that has unidentified intrusions and unaudited networks places a company at risk of compromise from threat actors who may be waiting to move laterally to the newly integrated target," Weedon warned.

Weedon said, not only the companies, but also the law firms representing them and involved in negotiations with Chinese enterprises could be targeted to provide insider information to give leg up to Chinese entities during negotiations.

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

732 people like this.
0 people follow this.

Security Intelligence

Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.