OCIE issues ransomware alert to financial services

By DeAnn Orie2020-07-15T14:49:00+01:00

No comments

The Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) has issued a risk advisory warning financial firms of recent reports indicating several threat actors are perpetrating phishing campaigns meant to gain access to internal resources and deploy ransomware (malware that gains access to systems while shutting out owners until a ransom is paid).

The agency says it has seen an increased level of sophistication in these attacks against SEC registrants, including broker-dealers, investment advisers, and investment companies, and it advises continued monitoring of cyber-security alerts from the Department of Homeland Security Cybersecurity and Infrastructure Security Agency.

Click here for more information from the OCIE on how to enhance systems to thwart such attacks, or read more from Compliance Week below.

Topics

No comments

Interested in writing for CW?

Compliance Week accepts outside contributions from corporate chief compliance officers and other senior-level GRC practitioners. To learn more, contact the CW Editor.

Article
Treasury sanctions virtual currency exchange as part of ransomware response

2021-09-21T20:43:00Z By Aaron Nicodemus

The U.S. Department of the Treasury announced “robust actions” to counter ransomware, including blocking the assets of a Russian virtual currency exchange that has facilitated payments for at least eight ransomware variants.
Article
Carnival discloses ransomware attack

2020-08-19T16:05:00Z By Aaron Nicodemus

Carnival Corp., already hit with a complete halt of business since April due to the coronavirus pandemic, is the latest major company to reveal the discovery of a ransomware attack.
Article
OCIE risk alert offers coronavirus-related advice to investment, brokerage firms

2020-08-13T17:22:00Z By Aaron Nicodemus

Many of the coronavirus-related risks recently highlighted by the Office of Compliance Inspections and Examinations are well-known, but the agency made a point of mentioning fees and expenses.

No comments yet

You're not signed in.

Only registered users can comment on this article.

More from Cybersecurity

News Brief
AT&T: Data leak exposed info of 73M customers onto dark web

2024-04-01T14:00:00Z By Aaron Nicodemus

AT&T said personal account data on approximately 73 million current and former customers was released on the dark web two weeks ago but has not yet identified when and where the breach occurred.
Premium
Toeing the ‘fine line’ of cloud security compliance

2024-02-14T22:26:00Z By Adrianne Appel

When organizations move their data or operations to the cloud, the compliance team has their work cut out and then some, experts discussed at CW’s Cyber Risk & Data Privacy Summit.
Premium
Experts: Good data breach response grounded in preparation

2024-02-06T15:24:00Z By Aaron Nicodemus

Two chief compliance officers and an attorney discussed preparation for the “when, not if” threat of a data breach during a panel at CW’s Cyber Risk & Data Privacy Summit.

“For tracking litigation, enforcement, and regulatory developments, Compliance Weekshould be your prime source.”

OCIE issues ransomware alert to financial services

Topics

Interested in writing for CW?

Compliance Week accepts outside contributions from corporate chief compliance officers and other senior-level GRC practitioners. To learn more, contact the CW Editor. googletag.cmd.push(function() { googletag.display('div-gpt-ad-B'); });

Related articles

Treasury sanctions virtual currency exchange as part of ransomware response

Carnival discloses ransomware attack

OCIE risk alert offers coronavirus-related advice to investment, brokerage firms

No comments yet

Only registered users can comment on this article.

More from Cybersecurity

AT&T: Data leak exposed info of 73M customers onto dark web

Toeing the ‘fine line’ of cloud security compliance

Experts: Good data breach response grounded in preparation

“For tracking litigation, enforcement, and regulatory developments, Compliance Week
should be your prime source.”

Compliance Week accepts outside contributions from corporate chief compliance officers and other senior-level GRC practitioners. To learn more, contact the CW Editor.