reuters

Hack of U.S. securities regulator rattles investors, stirs doubts

WASHINGTON/NEW YORK (Reuters) – Wall Street’s top regulator faced questions on Thursday about its defenses against cyber criminals after admitting hackers breached its electronic database of corporate announcements and may have used it for insider trading.

The incursion at the Securities and Exchange Commission (SEC) struck at the heart of the U.S. financial system. The SEC’s EDGAR filing system is the central repository for market-moving information on corporate America with millions of filings ranging from quarterly earnings to statements on acquisitions.

Accessing documents before they are released publicly would offer hackers a lucrative opportunity to trade on that information.

The SEC said late on Wednesday that a hack occurred in 2016 but it had only discovered last month that the cyber criminals may have used the information to make illicit trades.

SEC Chairman Jay Clayton gave members of Congress a “courtesy call” about the hack late on Wednesday afternoon, said Rep. Bill Huizenga, chairman of the House subcommittee on Capital Markets, Securities, and Investment, which oversees the SEC.

I’m glad that Jay Clayton has decided to acknowledge this and release it, warts and all,” Huizenga said. ”It’s hugely problematic and we’ve got to be serious about how we protect that information as a regulator. I’m hoping that this leads to some vast improvements and an uptick in the vigilance that all the regulators are going to have with information that’s coming to them.

The disclosure has rattled investors’ faith in the security of their data. It comes two weeks after credit-reporting company Equifax (EFX.N) said hackers had stolen data on more than 143 million U.S. customers, and in the wake of last year’s cyber attack on SWIFT, the global bank messaging system.

It is particularly embarrassing for the SEC and its new boss Clayton, who has made tackling cyber crime one of the top enforcement issues during his tenure.

The Chairman obviously recognizes the irony of the SEC potentially serving as the unwitting tipper in an insider trading scheme,” said John Reed Stark, a former SEC staff member and cyber expert.

The SEC has said it was investigating the source of the hack but it did not say when exactly it happened or what sort of non-public data was retrieved. The agency said the attackers had exploited a weakness in part of the EDGAR system and it had “promptly” fixed it.

CYBER SLEUTHS NEEDED

Clayton will be grilled on the incident and its aftermath at a hearing by the Senate Banking Committee on Tuesday. In particular, questions are likely about how prepared the SEC was against such an attack and why it waited until now to disclose it.

Securities industry rules require companies to disclose cyber breaches to investors and the SEC has investigated firms over whether they should have reported incidents sooner.

In July, months after the breach was detected, a congressional watchdog office warned that the Wall Street regulator was “at unnecessary risk of compromise” because of deficiencies in its information systems.

The 27-page report by the Government Accountability Office found the SEC did not always fully encrypt sensitive information, used unsupported software, failed to fully implement an intrusion detection system and made missteps in how it configured its firewalls, among other things.

It also shut down a specialized unit on cyber crimes as part of a reorganization in 2010 despite former SEC chair Mary Jo White, in office when the hack occurred, telling Reuters in 2016 that cyber security posed the biggest risk to the U.S. financial system.

Cyber crimes have continued to spread, thrive and become more innovative. Now, more than ever, the SEC needs a dedicated and specialized corps of cyber sleuths to track down and deter hackers,” said Stark, currently president of a cyber consulting firm.

The SEC has scored some victories in tackling cyber criminals. In 2015, the commission unmasked a ring of stock traders and hackers who had accessed company press releases from distributors Marketwire, PR Newswire and Business Wire before the information was made public to make $100 million in illegal profits…

Article Source: Reuters

CloudBuzz

The latest in curated technology related news collected from many of the leading news distribution, industry research and technology vendor firms on the planet.

Here you will find recent news sources from companies such as Reuters, Marketwired, IDC, Gartner or directly from cloud vendors such as Google, Microsoft or Amazon.

Maintaining Network Performance And Security In Hybrid Cloud Environments

Maintaining Network Performance And Security In Hybrid Cloud Environments

Hybrid Cloud Environments After several years of steady cloud adoption in the enterprise, an interesting trend has emerged: More companies ...
How To Be Data Compliant When Using The Cloud

How To Be Data Compliant When Using The Cloud

Data compliant Companies using the cloud for data storage, applications hosting or anything else, have to carefully consider data compliance ...
What Is Net Neutrality And Why Is It So Important?

What Is Net Neutrality And Why Is It So Important?

What Is Net Neutrality? Net neutrality is a concept that has been the centre of a lot of debates recently, ...
5 Things To Consider About Your Next Enterprise Sharing Solution

5 Things To Consider About Your Next Enterprise Sharing Solution

Enterprise File Sharing Solution Businesses have varying file sharing needs. Large, multi-regional businesses need to synchronize folders across a large ...
Rainmaking From The Cloud - CIOs Struggle To Keep Pace With IT Demands

Rainmaking From The Cloud – CIOs Struggle To Keep Pace With IT Demands

Rainmaking from the Cloud In the digital era, where customers can select virtually anything with a click of a button, ...
Global Public Cloud Spending To Double By 2020

Global Public Cloud Spending To Double By 2020

The Cloud and Endpoint Modeling The worldwide migration of IT resources to the public cloud continues, at a head-spinning pace ...
Worldwide Spending on Blockchain Forecast to Reach $11.7 Billion in 2022, According to New IDC Spending Guide

Worldwide Spending on Blockchain Forecast to Reach $11.7 Billion in 2022, According to New IDC Spending Guide

FRAMINGHAM, Mass., July 19, 2018 – Worldwide spending on blockchain solutions is forecast to reach $11.7 billion in 2022, according to a new update to the Worldwide Semiannual Blockchain Spending Guide from International Data Corporation (IDC). IDC expects ...
Microsoft quarterly results beat as cloud revenue soars

Microsoft quarterly results beat as cloud revenue soars

(Reuters) - Microsoft Corp (MSFT.O) on Thursday posted quarterly profit and revenue that beat analysts’ estimates, as more businesses signed up for its Azure cloud computing services and Office 365 productivity suite. The company’s flagship ...
Kodak Bitcoin mining 'scam' evaporates

Kodak Bitcoin mining ‘scam’ evaporates

The company behind a Kodak-branded crypto-currency mining scheme has confirmed the plan has collapsed. In January, a Bitcoin mining computer labelled Kodak KashMiner was on display on Kodak's official stand at the CES technology show ...