All cyber-attacks articles

  • bitcoin laundering

    Cyber-criminals have supply chains, too


    All cyber-attacks leave a trail. These trails can be complex, of course, but the criminals cannot avoid them. Thus, they leave a supply chain of intelligence and data.

  • Article

    Cyber-security attestations now required for leadership at NY’s financial firms


    Tough new cyber-security regulations, crafted in New York, require board members and senior officials to not just talk the talk.

  • bughunters

    Uber breach sheds light on how companies use ‘bug hunters’


    As a cyber-security tool, companies are turning to outsiders to hunt down software and security flaws. The concern is that bug bounties may become excessive or reward illegal activity.

  • Blog

    Dems pitch data protections in response to Equifax woes


    Democratic senators have introduced new legislation intended “to give control over credit and personal information back to consumers” following a massive data breach at consumer credit rating firm Equifax that compromised the personal information of at least 143 million Americans.

  • Article

    Firms gird for fast-approaching NYDFS cyber-security deadlines


    New York’s new cyber-security rules are already creating compliance and liability concerns. They may also give rise to a fractured playing field of demands in other states.

  • ransomware

    Risk management lessons of the WannaCry ransomware


    A global hack attack that held organizations’ data hostage for Bitcoin ransoms raises regulatory issues, disclosure debates, and risk management concerns.

  • ExecutiveSilhouettePhone

    Fending off executive impersonation schemes


    Everybody thinks they would never fall for an obvious cyber-scam … until they do. Jaclyn Jaeger reports.

  • Blog

    New OFAC Sanctions Rules Target Cyber-Attacks


    The Treasury Department has implemented new rules that execute an executive order issued in April by President Barack Obama authorizing sanctions against countries and foreign nationals involved in cyber-attacks against U.S. citizens, companies, or government agencies. The rules formalize a strategy used to increase sanctions against North Korea in response ...

  • Blog

    Wyndham Settles FTC Charges in Cyber-Security Case


    Wyndham Worldwide this week agreed to settle charges with the Federal Trade Commission that the company’s security practices unfairly exposed the payment card information of hundreds of thousands of consumers to hackers in three separate data breaches. The FTC first filed the complaint against Wyndham in 2012 over allegations that ...

  • Blog

    R.T. Jones Pays SEC $75K for Failing to Adopt Cyber-Security Policies


    Investment advisory firm R.T. Jones last week reached a $75,000 settlement with the Securities and Exchange Commission for failing to adopt written policies and procedures reasonably designed to protect customer records and information in violation of the "Safeguards Rule." Such failures ultimately resulted in a cyber-attack that compromised the personally ...

  • Blog

    SEC Exams Reveal Mixed Bag of Financial Firms' Cyber-Security Efforts


    Last year, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations examined 106 broker-dealers and investment advisers in an effort to better understand how they address the legal, regulatory, and compliance issues associated with cyber-security. An OCIE risk alert released this week breaks down the findings of the ...

  • Blog

    Bank Executives, Boards Urged to Share Cyber-Risk Data


    Bank executives and directors are getting another new guidance from the multi-agency Federal Financial Institutions Examination Council. The guidance encourages management and boards to ask questions about how accountability is determined for managing cyber-risks; the process for ensuring employee awareness; what is reported to the board on cyber-security events; the ...