A new warning has been issued to broker-dealers in the financial industry regarding the ongoing threat of cyberattacks, reports InvestmentNews.
The Financial Industry Regulatory Authority sent an alert last week due to what it called an increased threat of ransomware potentially impacting FINRA member firms.
FINRA said its Cyber and Analytics Unit, within its Member Supervision program, called attention to a recent advisory issued by the Cybersecurity & Infrastructure Security Agency (CISA).
The CISA advisory, issued jointly with the FBI, was to help organizations understand the tactics used by the Cl0p Ransomware Gang, which utilizes a file transfer solution provided by Progress Software to obtain unauthorized control of an affected system. The threat is targeting critical infrastructure sectors, including the financial services sector.
The CISA advisory included technical details, mitigation strategies, and additional resources that may be useful to financial firms, according to FINRA.
FINRA also reminded firms of its own guidance on the cybersecurity topic. Regulatory Notice 22-29, issued in December 2022, provided ransomware guidance for member firms, including key considerations and questions that firms can use to evaluate their cybersecurity programs in light of the continuing ransomware threat.
The authority said it has received reports about increasing numbers and sophistication of ransomware incidents, involving bad actors gaining unauthorized access to firm systems and encrypting or otherwise accessing sensitive firm data or customer information, then holding that hijacked data for ransom. “The broad scope and complexity of ransomware attacks require firms to implement strategies that include maintaining security with multiple layers of defense,” FINRA said.
The attorneys at Lewitas Hyman understand the complexities that come with being the subject of a regulatory inquiry by the SEC, FINRA, and other self-regulatory organizations, and we have the experience to guide and advise you through any type of regulatory investigation. If you are the subject of a regulatory proceeding, contact us at (888) 655-6002 or through our online contact form for a free consultation.