Why pirates love to crack the art world

The email hit art world inboxes last week with a thud. The subject line was “Important Art Basel Security Update,” which slightly underestimated the reveal. The world’s largest art fair company had been hacked.

“We are writing to let you know that last week our parent company, MCH Group, was affected by a criminal cyber attack using malware,” the letter began.

“The information we currently have suggests that the authors may have had access to data such as personal contact details,” the email said. “We do not yet know the extent of the data breach and these traces are being analyzed in cooperation with cybersecurity experts as a matter of urgency.”

Some merchants who spend part of the month of June on the Rhine each year communicating with the supposedly neutral inhabitants could read between the lines.

“It was in coded Basel parlance – that Swiss attitude of ‘we don’t make mistakes’,” said a dealer who works on a stand at the fair. “So it is clear that something bad has happened.”

Indeed, Adam Prideaux, the managing director of art insurance company Hallett International, which specializes in ransomware recovery, said companies generally describe hacks as vaguely as possible, in order to avoid widespread panic as the IT team cleans up the mess and hackers get paid.

“When you hear about a hack you never know what happened because sometimes it can be so disturbing – it’s just terrible publicity,” Prideaux said.

Despite its gravity, the news of the breach has certainly given pause to any dealer who has ever participated in Art Basel or any of its global spinoffs – the art market serving as the link between money, fame and performance. power and all. These are potentially primo data.

“There are sophisticated hackers who look into areas of the economy where they know there are transfers of large amounts of money, especially areas of the economy that are not very familiar with the issue. technology, ”Prideaux said. “It’s easy to pick. The art world is targeted because it is a world where there are exchanges of very large sums of money, and there are rich individuals and reaching them is very valuable.

While Art Basel‘s parent company says it is working with Swiss authorities to catch cybercriminals, previous data hacks have seen the loot sold or released despite investigations. If not disclosed to the general public, the treasure could be sold to the highest bidder, to individuals who need all the personal information about the most powerful people on the planet, possibly for nefarious purposes.

Or instead of selling the data, they can use it to prey on the collectors themselves. It’s already arrived.

In 2017, several galleries in the UK were hit by a cyberattack in which hackers launched a ‘man-in-the-middle’ bet, hanging brands by mimicking invoices sent by the dealer. by e-mail, on accounts accessible via a phishing password scam. The London gallery owner Laura Bartlett said that after sending a client an invoice for a batch of artwork purchased from the gallery, the hackers stepped in to intercept the payment.

“Someone sent another email saying, ‘Ignore my previous bill. I sent you old bank details; please use this invoice instead, ”said Bartlett The arts journal at the time.

Bartlett continued to email her client asking for money, but at some point she realized that the tone had changed: Hackers pretended to be her client as Bartlett and pretended to be Bartlett as his client, hoping to take control of the entire transaction. The pirates dictated all correspondence.

And the thieves secured the bag as well – the gallery customer wired the large sum of money not to the dealer, but to the hackers, and their bank couldn’t return the funds just because they were being targeted. by fraudsters. “The bank did not make an error for which it must necessarily take responsibility”, Chris Bentley, director at the insurer AXA Art, explained at the time.

Source link

Comments are closed.