Monetizing Cybercrimes: SEC Hack Could Potentially Lead to Market Manipulation

Monetizing Cybercrimes: SEC Hack Could Potentially Lead to Market Manipulation
©
Photo: PixabayUS16:38 23.09.2017(updated 21:49 23.09.2017) Get short URL125302

US equity markets could be manipulated by hackers trading with insider data possibly stolen from the US Securities and Exchange Commission (SEC), Stephen Neville, associate professor of software engineering at the University of Victoria, told Sputnik.

The market regulator revealed that its electronic database was hacked in 2016. However, the commission learned that the breach could have been exploited for illicit trading only a month ago.

When asked what kind of information the commission stores, how important it is and what ramifications this security breach may have in the long term, Stephen Neville said that the SEC deals with financial data submitted by public companies.

Regarding the steps the SEC was going to take as an agency to make sure that no such things ever happen again, he said that all modern organizations need to update their security protocols to keep pace with the ever-changing methods used by hackers.

“The focus of cybercrimes is now to convert these attacks into money; it focuses on high-value targets such as data bases, credit card numbers, and personal identity data that can be very attractive to them, etc. So this is an ongoing challenge for organizations,” he added.

When asked what he would recommend to financial services companies, which have recently faced an increase in cybercrime activity, to best protect themselves, Neville said that they should review their security arrangements, regularly update their processors, etc.

“They need to deal with this problem both from technical and organizational standpoints. Sometimes people use weak passwords. They should be told not to do that, so there is a huge social piece to that,” he concluded.

Meanwhile, the SEC chairman Jay Clayton said that a review of the cyber-attack is underway.

He added that the hack occurred due to a software vulnerability within the agency’s databases.

The SEC owns datasets of sensitive and confidential information that could be used for insider-trading or manipulating US equity markets.

Source.