US SEC issues Cybersecurity warning on Ransomware and Phishing Attacks


The US SEC has issued a cybersecurity warning to all its advisors and brokerage dealers about a possible phishing and ransomware attack on their IT infrastructure. The financial agency has warned that one or more threat actors could use various fraudulent techniques to infiltrate the networks of financial institutions, causing severe harm to digital assets.

According to a risk alert issued by the Office of Compliance Inspections and Examinations (OCIE), all banking agents and market participants are being urged to strengthen their defenses against cyber attacks by following the prescribed cybersecurity measures published by the DHS and CISA on June 30, 2020.


All third-party service providers that maintain client assets and records for registrants are also being urged to follow the updated CISA guidance to reduce the overall vulnerabilities that drive cyber threats.

There is no one-size-fits-all strategy to reduce the scale of the threat, so the SEC is urging all financial agencies to attain operational resiliency by upgrading their cybersecurity preparedness.

Note: At the end of last month, the Cybersecurity and Infrastructure Security Agency (CISA) issued certain guidelines for companies affected by cyber threats such as the Dridex malware. Under those rules, companies need to contact the FBI and CISA as soon as they are infected by the said malware. The federal agency is also encouraging companies to use threat monitoring solutions that can actively block or report any suspicious malicious activity on the go. Additionally, companies can file the Suspicious Activity Report under Item 44 when they find any suspicious phishing attempts via email, indicators of compromise, and compromise of hashes, file names, domains and IP addresses.