SEC Introduces Initiatives for Cyber Threats and Retail Investors
Building on its Enforcement Division’s efforts to counter cyber-based threats and safeguard retail investors, the Securities and Exchange Commission (“SEC”) announced on September 25 the creation of the following two initiatives: Cyber Unit: Using the Enforcement Division’s cyber expertise, the new Cyber Unit will target misconduct concerning market manipulation schemes featuring false information distributed electronically and through social media; hacking to acquire private information; and violations related to distributed ledger technology and initial coin offerings. Retail Strategy Task Force: With the Enforcement Division experiencing long-term success at bringing cases such as the sale of unsuitable structured products and microcap pump-and-dump schemes, the Retail Strategy Task Force will create proactive,. Read More.
SEC Computers Compromised Last Year
Securities and Exchange Commission (“SEC”) Chairman Jay Clayton has announced that the agency’s computers were breached in 2016, possibly causing private information in its Electronic Data Gathering And Retrieval (“EDGAR”) filing system to be used for making illegal trades. In a statement issued on Wednesday, Clayton said an investigation is underway, but the SEC believes the security breach did not create unauthorized access to personally identifiable information, endanger the market regulator’s operations, or lead to systemic risk. Aside from stating that it detected the breach last year, the SEC has provided few details. The SEC did note that it realized. Read More.
Coastal Carolina Investigating Possible Phishing Scam
An investigation is underway to help Coastal Carolina University (“CCU”) recover money stolen through a possible phishing scam. The university discovered that scam artists masqueraded as vendors under contract with Coastal Carolina to pocket more than $1 million over two incidents. During the first incident, an individual claiming to be a vendor representative emailed CCU financial services and asked to change the vendor’s bank account information, and had around $839,000 wired to their account. Per the investigation, the scam artists are highly skilled and could be located in the U.S. and internationally. Click here for more about Coastal Carolina University’s investigation.
Universities Impacted by Gambling SEO Scheme
Over 70 websites around the globe have been linked to a search engine optimization (“SEO”) gambling scheme. The scheme, discovered by researchers at eTraffic, mostly impacted university sites that were linked in course descriptions to keywords such as “real slot machines.” eTraffic said the SEO scheme was to help push gambling sites up Google’s search rankings and generate more money for online gambling businesses. It’s unknown how the links appeared, but hacking due to the vulnerabilities of blogging plugins is possible. More on the SEO gambling scheme is available on The Verge.
Nonprofits Working to Address Cybersecurity
A Ponemon Institute report has predicted an 82 percent rise in cyber-attacks over the next several years. The increased threat of security breaches may affect the economy and organizations in every industry, especially nonprofits. A nonprofit’s reputation and ability to raise money could be put at risk, as well as cause its donors to lose trust. Consequently, fulfillment of the organization’s mission may be jeopardized. To safeguard against cyber crimes and protect their best interests, nonprofits should make updates to current policies and processes to better manage information security. Preparation involves a risk assessment of the organization’s information technology environment, including external data. Read More.
AICPA Establishes Cybersecurity Resource Center
To help Certified Public Accountants manage cybersecurity risks among their clients and organizations, the American Institute of Certified Public Accountants (“AICPA”) has launched the Cybersecurity Resource Center. This new initiative aims to position CPAs as leaders that can share their expertise and provide advisory and assurance services focused on addressing risks linked to cybersecurity. More details on the Cybersecurity Resource Center can be found on the AICPA Web site.