SEC Releases Details of Security Review
Earlier today, Chairman Jay Clayton of the US Securities and Exchange Commission ("SEC") released the results of a cybersecurity review that the agency began in May of 2017.
One of the most interesting revelations - the SEC's Edgar filing system was compromised in 2016. This intrusion may have resulted in hackers using their access to non-public information to place trades that may have resulted in "illicit" gains.
According to Chairman Clayton, the vulnerability was patched, though the unauthorized access could have resulted in hackers profiting from their access to non-public information.
In addition, Clayton also said that the SEC has investigated and filed cases against people who have entered fake SEC filings on the EDGAR system. In the past, fake SEC filings have caused some dramatic price swings in their targets, as most people assumed that anything that has been posted via EDGAR has been verified.
-
The SEC obviously has a big target on its back due to the massive amount of money that could be made from a hacker gaining access to non-public information.
In addition, malicious employees, competitors or even terrorists could potentially infiltrate the system to plant bogus information that could be used to (temporarily) tank the price of any targeted company.
-
In addition to the 2016 intrusion, the SEC also detailed a couple of other instances in which non-public information was put at risk:
1. In 2014, an internal security audit revealed that several SEC laptops that contained non-public information couldn't be located
2. There have been instances in which SEC employees have used non-secure private email accounts to transmit non-public information
-
The SEC closed their statement by saying that they are continuing to clamp down on the possibility of any security breaches by promoting effective cybersecurity practices.
Source: SEC.gov - Statement on Cybersecurity
Filed under: General Knowledge