The Federal Bureau of Investigation recently announced that nine people were charged in the largest known computer hacking in a securities fraud scheme. In this case, more than 150,000 press releases were stolen over a period of five years using malware and phishing attacks to get logon credentials. While any data breach or intellectual property theft is concerning, this breach involved press releases about upcoming announcements by public companies concerning earnings, gross margins, revenues, and other confidential and financial information. The hackers, in conjunction with other traders and known accomplices, traded stocks ahead of more than 800 stolen press releases.
The Significance of this Case
What makes this case different from other data breaches in the past is that it shows that cybercriminals are seeking new avenues of exploitation and becoming more sophisticated. Over the last two years, hackers have targeted major retailers and US government personnel. According to media sources, this criminal case “marks the first US prosecution alleging a securities fraud scheme using hacked inside information.”
Be Proactive: 3 Reasons to have an Information Security Assessment
1: Self-awareness
Now is the time for companies that haven’t given information security enough attention to take a proactive stance to improve their cyber defense capabilities. Typically by way of an information security assessment, to identify and address areas of weakness before they are exploited. A lack of information security or cyber defense resources is no excuse for a failed understanding of a company’s technology and security risks.
2: Unbiased Assessment
Independent information security consulting firms can serve as a great way to get an unbiased assessment of information security programs maturity and identify gaps that should be addressed by application of security controls. These assessments often provide significant value and can also identify where there is an excess of security tools, or where a company lacks staffing resources to use their tools operationally.
3: Valuable Tool
If you haven’t already, check out this blog post on why security assessments are a valuable tool. Independent information security consulting firms like CyberSheath Services can review your security program, assess the posture of your cyber defense capabilities, and help protect your organization from these kinds of threats.