In response to the WannaCry ransomware attack, which rapidly spread through numerous organizations in more than 100 countries, the Securities and Exchange Commission is cautioning broker-dealers and investment advisers to protect themselves against the ransomware.
On Wednesday the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a ransomware alert.
This risk alert highlights the importance of conducting “penetration tests and vulnerability scans on critical systems and implementing system upgrades on a timely basis.”
The SEC encourages broker-dealers and investment management firms to review the alert published by the United States Department of Homeland Security’s Computer Emergency Readiness Team (US-CERT) and to evaluate whether the applicable Microsoft patches for the Windows XP, Windows 8 and Windows Server 2003 operating systems have been installed properly and in a timely manner.
“Initial reports indicate that the hacker or hacking group behind the attack is gaining access to enterprise servers either through Microsoft Remote Desktop Protocol (RDP) compromise or the exploitation of a critical Windows Server Message Block version 1 vulnerability,” the alert states. “Some networks have also been affected through phishing emails and malicious websites.”
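The two conditions named in the US-CERT alert, an exposed SMBv1 service and a missing MS17-010 patch, together with the RDP settings behind the “RDP compromise” vector, can be checked from PowerShell on each Windows host. The script below is an added example written for this article; it is not code from the SEC, OCIE or US-CERT alerts. It assumes an elevated PowerShell 3 or later session on Windows 7 / Server 2008 R2 or newer, and the function names (Get-Smb1State, Get-RdpState, Get-WannaCryExposure) are illustrative. The KB list is copied from Microsoft’s MS17-010 bulletin and should be verified against the bulletin for the exact build in use.

```powershell
# Added example, not part of the SEC/US-CERT alerts: read-only check for
# SMBv1 exposure, MS17-010 hotfix presence and RDP hardening on one host.
# Assumption: the KB numbers below are those Microsoft published for
# MS17-010 (verify against the bulletin for your build).

$Ms17010Kbs = @(
    'KB4012598',                            # Windows XP, Windows 8 RTM, Server 2003 (out-of-band)
    'KB4012212', 'KB4012215',               # Windows 7 / Server 2008 R2 (security-only / monthly rollup)
    'KB4012213', 'KB4012216',               # Windows 8.1 / Server 2012 R2
    'KB4012214', 'KB4012217',               # Windows Server 2012
    'KB4012606', 'KB4013198', 'KB4013429'   # Windows 10 1507 / 1511 / 1607
)

function Get-Smb1State {
    # Windows 8 / Server 2012 and later expose the setting directly.
    if (Get-Command Get-SmbServerConfiguration -ErrorAction SilentlyContinue) {
        return [bool](Get-SmbServerConfiguration).EnableSMB1Protocol
    }
    # Windows 7 / Server 2008 R2: SMB1 stays on unless the LanmanServer
    # 'SMB1' value is explicitly 0 (the value does not exist by default).
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
    $val = (Get-ItemProperty -Path $key -Name SMB1 -ErrorAction SilentlyContinue).SMB1
    return ($null -eq $val) -or ($val -ne 0)
}

function Get-RdpState {
    $ts   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $tcp  = "$ts\WinStations\RDP-Tcp"
    $deny = (Get-ItemProperty -Path $ts  -Name fDenyTSConnections -ErrorAction SilentlyContinue).fDenyTSConnections
    $nla  = (Get-ItemProperty -Path $tcp -Name UserAuthentication  -ErrorAction SilentlyContinue).UserAuthentication
    [pscustomobject]@{
        RdpEnabled  = ($deny -eq 0)   # fDenyTSConnections = 1 means remote connections are denied
        NlaRequired = ($nla  -eq 1)   # Network Level Authentication before the logon screen
    }
}

function Get-WannaCryExposure {
    # Get-HotFix lists individually installed updates; see the caveat below
    # about superseding rollups and cumulative updates.
    $installed = @(Get-HotFix -ErrorAction SilentlyContinue |
                   Where-Object { $Ms17010Kbs -contains $_.HotFixID })
    $rdp = Get-RdpState
    [pscustomobject]@{
        Host           = $env:COMPUTERNAME
        OsVersion      = [Environment]::OSVersion.Version.ToString()
        Smb1Enabled    = Get-Smb1State
        Ms17010KbFound = ($installed.HotFixID -join ',')
        RdpEnabled     = $rdp.RdpEnabled
        RdpNlaRequired = $rdp.NlaRequired
    }
}

Get-WannaCryExposure | Format-List
```

Treat Smb1Enabled = True as actionable on its own: the protocol should be disabled wherever nothing depends on it, patched or not. An empty Ms17010KbFound is a prompt to verify rather than proof of exposure, because Get-HotFix reports the KB of the update actually installed, and on Windows 7 a later monthly rollup, or on Windows 10 a later cumulative update, carries the same fix under a different KB number. RdpEnabled = True with RdpNlaRequired = False is the combination that exposes the logon screen to anyone who can reach TCP 3389.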
OCIE’s National Examination Program staff also identified several areas where broker-dealers and advisers could be vulnerable to attack, based on a recent examination of 75 SEC-registered broker-dealers, investment advisers and investment companies that assessed industry practices and compliance issues associated with cybersecurity preparedness.
The staff observed firm practices during these examinations that it believes may be particularly relevant to smaller registrants in relation to the WannaCry ransomware incident.