{"id":2410,"date":"2019-01-16T10:45:46","date_gmt":"2019-01-16T14:45:46","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=2410"},"modified":"2019-01-16T10:45:46","modified_gmt":"2019-01-16T14:45:46","slug":"the-key-cybersecurity-takeaways-from-the-recent-sec-charges","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/","title":{"rendered":"The Key Cybersecurity Takeaways From The Recent SEC Charges"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1062\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg\" alt=\"The Key Cybersecurity Takeaways From The Recent SEC Charges\" width=\"800\" height=\"350\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg 800w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1-300x131.jpg 300w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1-768x336.jpg 768w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1-600x263.jpg 600w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1-617x270.jpg 617w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1-180x79.jpg 180w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1-400x175.jpg 400w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The U.S. Securities and Exchange Commission (SEC) yesterday charged a Ukrainian hacker and several global traders with breaking into their EDGAR database and using the stolen information to trade on corporate earnings news. The SEC uses the EDGAR database to store corporate filings, both public and private. <\/span><\/p>\n<p style=\"text-align: justify\"><div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a href=\"https:\/\/logrhythm.com\/forrester-wave-security-analytics-analyst-report-2018\/?utm_source=Solutions-Review&amp;utm_medium=cpc&amp;utm_campaign=Solutions-Review&amp;AdGroup=&amp;utm_program=NAcpc1&amp;utm_content=C-Download-Now&amp;utm_region=NA&amp;utm_language=en\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/10\/PM_Forrester_Wave_Display_C.jpg\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">According to the SEC, the hacker and traders gained over $4 million in illegal trading profits; The SEC seeks to recoup these illicit gains and impose fines. They charged two of the defendants criminally with wire fraud, computer fraud, and conspiracy. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Oleksandr Ieremenko, one of the hackers allegedly responsible, continues to elude authorities. He has been in hiding since his alleged involvement in the 2015 theft of thousands of press releases from newswire services; this previous scheme generated over $100 million in illegal profits. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">But what do these SEC charges mean for your enterprise? What can you learn from them as you form your own cybersecurity platform? The key takeaways from these recent SEC charges may surprise you: <\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Phishing Can Hit the SEC&#8230;and You<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">So how did the hackers managed to infiltrate the SEC EDGAR database? What nefarious plot or elite hacking tool did they use to steal some of the most coveted financial data in the world? What Hollywood-esque montage must have taken place as they hacked into the mainframe (so to speak)? <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\"><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/key-findings-cofense-state-phishing-defense-2018-report\/\" target=\"_blank\" rel=\"noopener\">A phishing scheme.<\/a> The hackers involved sent SEC employees fake emails masquerading as communications from other employees. That\u2019s it. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Hackers continue to prefer phishing schemes to almost any other infiltration or social engineering tactic. In part, their effectiveness ties into their mundanity; phishing attacks look like legitimate emails, and employees without proper training will reliably open their emails. Phishing attacks, therefore, provide a low effort, high impact cyber threat. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Furthermore, if it can hit the SEC, it can hit your enterprise as well. To prevent a phishing attack from inflicting damage on your databases, make sure your employees can recognize a phishing attack if they receive one; <a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/recognize-phishing-attack-strikes\/\" target=\"_blank\" rel=\"noopener\">there are tell-tale signs for almost all of them<\/a>. Incentivize recognizing phishing attacks before they occur, either through a small rewards program or by making cybersecurity a part of your employees&#8217; everyday job duties and performance reviews.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Additionally, ensure your cybersecurity platform includes a SIEM solution with strong threat detection capabilities. Your enterprise can also benefit from an email security solution to prevent <a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/slashnext-phishing-survey-reveals-underestimation-of-threats\/\" target=\"_blank\" rel=\"noopener\">phishing attacks<\/a> from reaching your inboxes. \u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Watch What You Store! <\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Your enterprise may not store corporate profits news in its databases. But hackers can and will try to steal as much data as they can regardless. AS the SEC hack proves, hackers don\u2019t have to outright steal data to profit off it. Your enterprise, by virtue of being a part of the digital marketplace, possesses data hackers want. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">This makes you a target. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">One of the ways to limit yourself as a target is to carefully regulate and monitor the data you collect and store. Does the data you collect have a legitimate business aim? If so, how often do you utilize it? Can you do without it? And if not, how do you store the data? Do you know where all of your databases are within your network? Who has access to them? \u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">If you had any trouble answering any of these questions, then you need to rethink your database storage and security.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><br \/>Widget not in any sidebars<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The U.S. Securities and Exchange Commission (SEC) yesterday charged a Ukrainian hacker and several global traders with breaking into their EDGAR database and using the stolen information to trade on corporate earnings news. The SEC uses the EDGAR database to store corporate filings, both public and private. According to the SEC, the hacker and traders [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":1062,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551],"tags":[353,95,145,112,86,82,48,970,21,57,22],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>The Key Cybersecurity Takeaways From The Recent SEC Charges<\/title>\n<meta name=\"description\" content=\"The U.S. SEC yesterday charged several global traders with breaking into their EDGAR database. Here&#039;s what you can learn from this attack.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Key Cybersecurity Takeaways From The Recent SEC Charges\" \/>\n<meta property=\"og:description\" content=\"The U.S. SEC yesterday charged several global traders with breaking into their EDGAR database. Here&#039;s what you can learn from this attack.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2019-01-16T14:45:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"350\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Canner\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/\",\"name\":\"The Key Cybersecurity Takeaways From The Recent SEC Charges\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg\",\"datePublished\":\"2019-01-16T14:45:46+00:00\",\"dateModified\":\"2019-01-16T14:45:46+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"The U.S. SEC yesterday charged several global traders with breaking into their EDGAR database. Here's what you can learn from this attack.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg\",\"width\":800,\"height\":350,\"caption\":\"FireEye and Mandiant Security Validation Find Limited Cybersecurity Effectiveness\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The Key Cybersecurity Takeaways From The Recent SEC Charges\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\",\"description\":\"Buyer&#039;s Guide and Best Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The Key Cybersecurity Takeaways From The Recent SEC Charges","description":"The U.S. SEC yesterday charged several global traders with breaking into their EDGAR database. Here's what you can learn from this attack.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/","og_locale":"en_US","og_type":"article","og_title":"The Key Cybersecurity Takeaways From The Recent SEC Charges","og_description":"The U.S. SEC yesterday charged several global traders with breaking into their EDGAR database. Here's what you can learn from this attack.","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/","og_site_name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","article_published_time":"2019-01-16T14:45:46+00:00","og_image":[{"width":800,"height":350,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg","type":"image\/jpeg"}],"author":"Ben Canner","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/","name":"The Key Cybersecurity Takeaways From The Recent SEC Charges","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg","datePublished":"2019-01-16T14:45:46+00:00","dateModified":"2019-01-16T14:45:46+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"The U.S. SEC yesterday charged several global traders with breaking into their EDGAR database. Here's what you can learn from this attack.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2017\/10\/Untitled-1.jpg","width":800,"height":350,"caption":"FireEye and Mandiant Security Validation Find Limited Cybersecurity Effectiveness"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/the-key-cybersecurity-takeaways-from-the-recent-sec-charges\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"The Key Cybersecurity Takeaways From The Recent SEC Charges"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","description":"Buyer&#039;s Guide and Best Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/2410"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=2410"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/2410\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/1062"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=2410"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=2410"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=2410"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}