In a surprising display of transparency, SEC Chairman Jay Clayton last week acknowledged that the regulator’s EDGAR database had been hacked.
To recap, SEC officials learned last month that “an incident previously detected in 2016 may have provided the basis for illicit gain through trading,” according to officials. The popular EDGAR platform, whose acronym stands for Electronic Data Gathering, Analysis, and Retrieval, had “a software vulnerability in the test filing component … [which] was patched promptly after discovery.”
While the security breach “resulted in access to nonpublic information,” SEC officials say there was no improper access to “personally identifiable information” and that the incident did not impact the SEC’s operations “or result in systemic risk.”
Clayton began an internal investigation once the breach was identified, but the identity of the culprit (or culprits) is not yet known. The SEC chairman has been facing initial criticisms from U.S. Senators and others this week for the way the regulator handled the discovery of the hack. Yet all signs suggest that it would be better for all to wait until the investigation is complete before jumping to conclusions.
So, in the wake of the breach revelation, the SEC is moving ahead with two initiatives: it has set up a Cyber Unit “targeting cyber-related misconduct;” and it has launched “a retail strategy task force” for initiatives to help protect retail investors.
The Cyber Unit, pitched as an extension of the SEC’s Enforcement Division’s work to stop cyber-based threats, will focus on:
- Market manipulation schemes based on false information “spread through electronic and social media;”
- Hacking that attempts to access material nonpublic information;
- Problems caused by distributed ledger technology and initial crypto-currency coin offerings;
- The problems created via the dark web;
- Break-ins into retail brokerage accounts;
- Cyber-related threats to trading platforms and other critical market infrastructure.
SEC officials say the unit has been in the works for months, and will underscore Clayton’s efforts “to implement an internal cybersecurity risk profile and create a cybersecurity working group to coordinate information sharing, risk monitoring, and incident response efforts throughout the agency.”
“The Cyber Unit will enhance our ability to detect and investigate cyber threats through increasing expertise in an area of critical national importance,” says Stephanie Avakian, co-director of the SEC’s Enforcement Division, in a prepared statement. The Cyber Unit will pull together the “substantial expertise” that the Enforcement Division has developed over the years, and “it will consolidate and advance these efforts, and include staff from across the Enforcement Division.”
The SEC has appointed Robert A. Cohen as the new chief of the Cyber Unit, which follows his work as a co-chief of the Market Abuse Unit. His co-chief was Joseph Sansone, who will continue to lead that unit as its chief.
The mission of the Retail Strategy Task Force will be to “develop proactive, targeted initiatives to identify misconduct impacting retail investors,” officials say. The SEC hopes to draw lessons from those cases and from the “data analytics and technology to identify large-scale misconduct affecting retail investors.” The task force will involve enforcement personnel from around the country and will work with staff across the SEC, “including from the SEC’s National Exam Program and the Office of Investor Education and Advocacy,” officials say.
While the SEC sidestepped the issue in its announcements, these efforts, mainly directed toward Main Street investors, just might help those involved in the EDGAR case and certainly will help prevent such attacks in the future.