The U.S. Securities and Exchange Commission (SEC) yesterday charged a Ukrainian hacker and several global traders with breaking into its EDGAR database and using the stolen information to trade on corporate earnings news. The SEC uses the EDGAR database to store corporate filings, both public and private.
According to the SEC, the hacker and traders gained over $4 million in illegal trading profits; the SEC seeks to recoup these illicit gains and impose fines. They charged two of the defendants criminally with wire fraud, computer fraud, and conspiracy.
Oleksandr Ieremenko, one of the hackers allegedly responsible, continues to elude authorities. He has been in hiding since his alleged involvement in the 2015 theft of thousands of press releases from newswire services; this previous scheme generated over $100 million in illegal profits.
But what do these SEC charges mean for your enterprise? What can you learn from them as you form your own cybersecurity platform? The key takeaways from these recent SEC charges may surprise you:
Phishing Can Hit the SEC…and You
So how did the hackers manage to infiltrate the SEC EDGAR database? What nefarious plot or elite hacking tool did they use to steal some of the most coveted financial data in the world? What Hollywood-esque montage must have taken place as they hacked into the mainframe (so to speak)?
A phishing scheme. The hackers involved sent SEC employees fake emails masquerading as communications from other employees. That’s it.
Hackers continue to prefer phishing schemes to almost any other infiltration or social engineering tactic. In part, their effectiveness ties into their mundanity; phishing attacks look like legitimate emails, and employees without proper training will reliably open their emails. Phishing attacks, therefore, provide a low-effort, high-impact cyber threat.
Furthermore, if it can hit the SEC, it can hit your enterprise as well. To prevent a phishing attack from inflicting damage on your databases, make sure your employees can recognize a phishing attack if they receive one; there are tell-tale signs for almost all of them. Incentivize recognizing phishing attacks before they occur, either through a small rewards program or by making cybersecurity a part of your employees’ everyday job duties and performance reviews.
Additionally, ensure your cybersecurity platform includes a SIEM solution with strong threat detection capabilities. Your enterprise can also benefit from an email security solution to prevent phishing attacks from reaching your inboxes.
Watch What You Store!
Your enterprise may not store corporate profits news in its databases. But hackers can and will try to steal as much data as they can regardless. As the SEC hack proves, hackers don’t have to outright steal data to profit off it. Your enterprise, by virtue of being a part of the digital marketplace, possesses data hackers want.
This makes you a target.
One of the ways to limit yourself as a target is to carefully regulate and monitor the data you collect and store. Does the data you collect have a legitimate business aim? If so, how often do you utilize it? Can you do without it? And if not, how do you store the data? Do you know where all of your databases are within your network? Who has access to them?
If you had any trouble answering any of these questions, then you need to rethink your database storage and security.