Take Stock In Your Security: Data Breach In Major Newswire Companies Leads To $100 Million In Illegally Traded Securities

By Eric Noonan • August 14, 2015

The Federal Bureau of Investigation recently announced that nine people were charged in the largest known computer hacking in a securities fraud scheme.  In this case, more than 150,000 press releases were stolen over a period of five years using malware and phishing attacks to get logon credentials.  While any data breach or intellectual property theft is concerning, this breach involved press releases about upcoming announcements by public companies concerning earnings, gross margins, revenues, and other confidential and financial information.  The hackers, in conjunction with other traders and known accomplices, traded stocks ahead of more than 800 stolen press releases.

The Significance of this Case

What makes this case different from other data breaches in the past is that it shows that cybercriminals are seeking new avenues of exploitation and becoming more sophisticated.  Over the last two years, hackers have targeted major retailers and US government personnel.  According to media sources, this criminal case “marks the first US prosecution alleging a securities fraud scheme using hacked inside information.”

Be Proactive: 3 Reasons to have an Information Security Assessment

1: Self-awareness

Now is the time for companies that haven’t given information security enough attention to take a proactive stance to improve their cyber defense capabilities. Typically by way of an information security assessment, to identify and address areas of weakness before they are exploited.  A lack of information security or cyber defense resources is no excuse for a failed understanding of a company’s technology and security risks.

2: Unbiased Assessment

Independent information security consulting firms can serve as a great way to get an unbiased assessment of information security programs maturity and identify gaps that should be addressed by application of security controls.  These assessments often provide significant value and can also identify where there is an excess of security tools, or where a company lacks staffing resources to use their tools operationally.

3: Valuable Tool

If you haven’t already, check out this blog post on why security assessments are a valuable tool. Independent information security consulting firms like CyberSheath Services can review your security program, assess the posture of your cyber defense capabilities, and help protect your organization from these kinds of threats.

Cybersheath Blog

CMMC Compliance Dashboard: Gain New Visibility into Compliance

CMMC is not a compliance framework. It’s a maturity model. That has big implications for how you approach compliance, but also how you keep track of all the elements that make up compliance. And yet, visibility has been one of the most difficult challenges facing DIB contractors. It used to…

CMMCEnclave: Add Versatility with a More Flexible Approach

The enclave approach to CMMC compliance is one of the most cost effective and least disruptive ways to safeguard CUI. You can maintain high-value custodial security of CUI without upending your existing processes, procedures, and people. That way, you can maintain the proper level of CMMC compliance and remain eligible…

How to Offboard Your Managed Services Provider

For any of a variety of reasons including lack of communication, slow response times, or prolonged downtime, your organization has decided to change your managed service provider (MSP). Whether you have already signed an agreement with a new MSP or you are actively looking for a replacement, now is the…

Our Trusted Partners

Cyberark McAfee Thycotic RSA Tenable Alien Vault Alert Logic Microsoft