SEC Warning: Ransomware Targets Financial Networks
The U.S. Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) has discovered new phishing and ransomware attacks that target financial institutions’ networks.
OCIE recently observed an increase in threat actors that have orchestrated phishing and other ransomware campaigns designed to penetrate financial networks, according to a warning issued July 10. It indicated that cybercriminals are using these attacks to access organizations’ internal resources and deploy ransomware.
Furthermore, phishing and ransomware attacks against broker-dealers, investment advisers and investment companies are becoming increasingly sophisticated, OCIE stated. These attacks also have been used to target service providers.
OCIE Offers Phishing, Ransomware Attack Security Recommendations
There is no “one-size-fits-all” approach to protect against phishing and ransomware attacks, OCIE noted. However, organizations can use tactics and techniques across a variety of areas to guard against these attacks, including:
- Incident Response: Organizations can assess, test and update their incident response and resiliency policies and procedures.
- Operational Resiliency: Organizations can determine which systems and processes must be restored during an outage to ensure that their everyday operations can continue.
- Awareness and Training Programs: Organizations can provide cybersecurity and resiliency training and use phishing exercises to help employees identify ransomware attacks.
- Vulnerability Scanning and Patch Management: Organizations can use vulnerability and patch management programs to identify and address security risks.
- Access Management: Organizations can leverage processes and protocols to manage user access to systems and networks.
- Perimeter Security: Organizations can establish security controls to manage, monitor and inspect incoming and outgoing network traffic.
In addition, the SEC shares cybersecurity guidance on its Cybersecurity Spotlight webpage. It also provides regular security updates to inform organizations about new cyber risks.