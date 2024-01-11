Persistent Cybersecurity Flaws at SEC Unveiled by Recent Hack

Unmasking the vulnerabilities of the U.S. Securities and Exchange Commission’s (SEC) cybersecurity, a recent hack has spotlighted the agency’s recurring issues. As the principal regulator for Wall Street, the SEC is now under scrutiny for not fully complying with federal cybersecurity standards. A glaring reflection of this noncompliance was the agency’s failure to implement multifactor authentication for its public-facing systems, as revealed in an internal review last year.

Independent Evaluation Unveils Additional Weaknesses

An independent evaluation conducted a year before the aforementioned review identified further weaknesses in the SEC’s security protocols. These weaknesses specifically pertained to the prevention of unauthorized network access, a fundamental security measure in protecting sensitive data. This revelation gains heightened significance in light of a significant breach in 2016 when the SEC’s corporate filings database was compromised, leading to hackers profiting from non-public information.

SEC’s Capacity to Safeguard Sensitive Data Questioned

These consistent shortcomings in cybersecurity have roused concerns about the SEC’s ability to protect sensitive financial data and maintain the integrity of the information it oversees. U.S. prosecutors have acknowledged the previous 2016 incident, further intensifying these concerns. The recent hack, which led to the unauthorized announcement of a bitcoin ETF approval on the SEC’s social media account, has caused significant market fluctuations and has put the SEC’s cybersecurity protocols, including the lack of two-factor authentication on their social media account, under the microscope.