All cyber-attacks articles

  • bitcoin laundering
    Article

    Cyber-criminals have supply chains, too

    2020-05-06T20:02:00Z

    All cyber-attacks leave a trail. These trails can be complex, of course, but the criminals cannot avoid them. Thus, they leave a supply chain of intelligence and data.

  • Article

    Cyber-security attestations now required for leadership at NY’s financial firms

    2018-02-21T09:45:00Z

    Tough new cyber-security regulations, crafted in New York, require board members and senior officials to not just talk the talk.

  • bughunters
    Article

    Uber breach sheds light on how companies use ‘bug hunters’

    2018-02-13T09:30:00Z

    As a cyber-security tool, companies are turning to outsiders to hunt down software and security flaws. The concern is that bug bounties may become excessive or reward illegal activity.

  • Blog

    Dems pitch data protections in response to Equifax woes

    2017-09-20T14:00:00Z

    Democratic senators have introduced new legislation intended “to give control over credit and personal information back to consumers” following a massive data breach at consumer credit rating firm Equifax that compromised the personal information of at least 143 million Americans.

  • Article

    Firms gird for fast-approaching NYDFS cyber-security deadlines

    2017-08-08T11:30:00Z

    New York’s new cyber-security rules are already creating compliance and liability concerns. They may also give rise to a fractured playing field of demands in other states.

  • ransomware
    Article

    Risk management lessons of the WannaCry ransomware

    2017-05-23T01:15:00Z

    A global hack attack that held organizations’ data hostage for Bitcoin ransoms raises regulatory issues, disclosure debates, and risk management concerns.

  • ExecutiveSilhouettePhone
    Article

    Fending off executive impersonation schemes

    2016-10-12T09:30:00Z

    Everybody thinks they would never fall for an obvious cyber-scam … until they do. Jaclyn Jaeger reports.

  • Blog

    New OFAC Sanctions Rules Target Cyber-Attacks

    2015-12-31T12:30:00Z

    The Treasury Department has implemented new rules that execute an executive order issued in April by President Barack Obama authorizing sanctions against countries and foreign nationals involved in cyber-attacks against U.S. citizens, companies, or government agencies. The rules formalize a strategy used to increase sanctions against North Korea in response ...

  • Blog

    Wyndham Settles FTC Charges in Cyber-Security Case

    2015-12-09T14:00:00Z

    Wyndham Worldwide this week agreed to settle charges with the Federal Trade Commission that the company’s security practices unfairly exposed the payment card information of hundreds of thousands of consumers to hackers in three separate data breaches. The FTC first filed the complaint against Wyndham in 2012 over allegations that ...

  • Blog

    R.T. Jones Pays SEC $75K for Failing to Adopt Cyber-Security Policies

    2015-10-05T11:00:00Z

    Investment advisory firm R.T. Jones last week reached a $75,000 settlement with the Securities and Exchange Commission for failing to adopt written policies and procedures reasonably designed to protect customer records and information in violation of the "Safeguards Rule." Such failures ultimately resulted in a cyber-attack that compromised the personally ...

  • Blog

    SEC Exams Reveal Mixed Bag of Financial Firms' Cyber-Security Efforts

    2015-02-03T17:15:00Z

    Last year, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations examined 106 broker-dealers and investment advisers in an effort to better understand how they address the legal, regulatory, and compliance issues associated with cyber-security. An OCIE risk alert released this week breaks down the findings of the ...

  • Blog

    Bank Executives, Boards Urged to Share Cyber-Risk Data

    2014-11-04T10:45:00Z

    Bank executives and directors are getting another new guidance from the multi-agency Federal Financial Institutions Examination Council. The guidance encourages management and boards to ask questions about how accountability is determined for managing cyber-risks; the process for ensuring employee awareness; what is reported to the board on cyber-security events; the ...