It turns out even the Securities and Exchange Commission’s (SEC) computers aren’t super secure, even following a breach last year, according to a report in Reuters.
Citing a confidential weekly report issued by the U.S. Department of Homeland Security (DHS), the news service reported the DHS had identified five “critical” cyber security weaknesses on the SEC’s computing systems as of the end of January. At that time, according to Reuters, the report showed the SEC had the fourth most critical weaknesses.
It's not clear which weaknesses the DHS found on the SEC computer systems, Reuters noted. Its also not clear if the weaknesses were related to a breach the SEC disclosed last year. It’s EDGAR website, on which corporate filings are listed, was hacked a year ago. The SEC said last year it had patched the weaknesses that led to the hack, though there may still be material issues from a cybersecurity perspective, the article noted.
The report is noteworthy, given that in June the SEC said it was shifting its focus to go after cyber hackers who are increasingly targeting the accounts of brokerage firms to steal assets and/or make illegal trades. The SEC announced at the time that Steven Peikin and Stephanie Avakian had been appointed new co-directors of enforcement. Reuters reported both Peikin and Avakian are very concerned with cyberattacks on brokerage firms.
“The greatest threat to our markets right now is the cyber threat,” said Peikin in the exclusive interview. “That crosses not just this building, but all over the country.”
According to the report, the SEC has seen an increase in the number of investigations that involve hacking as well as in the number of attempts to break into brokerage accounts. It is now gathering statistics on cybercrimes as a result so that it can better pinpoint market-wide issues.