Hack at the SEC likely to have led to insider trading.

Risay117 | Heroic Unstoppable!
more |
Steam: risay117
ID: Risay117
IP: Logged

2,965 posts
Knowing how this board is filled with stupid click bait headlines based on the same old topics of race and religion, using the same talking point that have been repeated to death that they make my ears hurt due to the level of basic stupidity in these conversations, I decided to switch the fucking discussion with something at least more worthy of discussion and something new.

"Hack at U.S. market regulator displays persistent government cyber woes" - http://www.reuters.com/article/us-sec-cyber-government/hack-at-u-s-market-regulator-displays-persistent-government-cyber-woes-idUSKCN1BW2X5

A major computer hack at America's top stock market regulator is the latest sign that data stored in the highest reaches of the U.S. government remains vulnerable to cyber attacks, despite efforts across multiple presidencies to limit high-profile breaches that are so frequent many consider them routine.

In recent years, nation-state and criminal hackers, as well as rogue employees, have stolen data from the Internal Revenue Service, the State Department and intelligence agencies, including millions of government employee files allegedly exfiltrated by the Chinese military, U.S. officials say.

The Securities and Exchange Commission (SEC), America's chief stock market regulator, said on Wednesday that cyber criminals may have used data stolen last year to make money in the stock market, making it the latest federal agency to grab headlines for losing control of its data.

At the same time, being only the latest major breach is not special, said Dan Guido, chief executive of Trail of Bits, which does cyber security consulting for the U.S. government.

"It simply reflects the status quo of our digital security," said Guido, who is a former member of the cyber security team at the Federal Reserve, America's central bank.

Central bank officials have detected dozens of cases of cyber breaches, including several in 2012 that were described internally as "espionage."

The U.S. federal government has sharply increased funding dedicated to protecting its own digital systems over the last several years, attempting to counter what is widely viewed as a worsening national security liability.

But as one of the world's largest collectors of sensitive information, America's federal government is a major target for hackers from both the private sector and foreign governments.

"When you have one central repository for all this information - man, that's a target," said Republican Representative Bill Huizenga, chairman of the House subcommittee on Capital Markets, Securities, and Investment, which oversees the SEC.

Last year, U.S. federal, state and local government agencies ranked in last place in cyber security when compared against 17 major private industries, including transportation, retail and healthcare, according to benchmarking firm SecurityScorecard.

An update of the rankings in August showed the U.S. government had improved to third worst, ahead of only telecommunications and education.

"We also must recognize - in both the public and private sectors, including the SEC - that there will be intrusions, and that a key component of cyber risk management is resilience and recovery," said SEC Chairman Jay Clayton.

The federal government audits cyber security measures every year at top agencies, producing reports that routinely expose shortfalls and sometimes major breaches. The Federal Bureau of Investigation also looks for hacking attempts and helped spot an alleged intrusion by Chinese military-backed hackers into a major banking regulator between 2010 and 2013.

Weekly scans of government systems by the Department of Homeland Security showed in January that the SEC had critical cyber security weaknesses but that vulnerabilities were worse at three agencies, including the Environmental Protection Agency, the Department of Health and Human Services and the General Services Administration.

Some agencies said they had improved their cyber security posture since that report.

A GSA spokeswoman said the agency has not had any critical vulnerabilities in the past six months, and that the ones identified in January were patched in under 10 days.

A Department of Labor spokesman said all identified vulnerabilities had been fixed and that its systems were not compromised by the identified flaws.

But, he added, "addressing vulnerabilities associated with legacy systems can be challenging."

(Reporting by Dustin Volz in Washington and Jason Lange in New York; additional reporting by Jonathan Spicer in New York and Sarah N. Lynch in Washington; editing by Andrea Ricci and Cynthia Osterman)

As the hacks have hit a number of financial institution and at increasing costly damage. It seem many institutions have ignored the threat and are getting away with throwing cyber security under the bus when it comes to funding.

It also seems there has been a disconnect between government security bodies with defense planning with groups like NSA focusing on offensive planning creating gaps and undermining international standards, by purposefully creating backdoors and weakening the ISO standard. This has led to the world pushing back at any future attempts by NSA to propose any future ISO standards.


As the cyber space is still free and open, it seems standards are little if not non-existent. This allows for a wild west situation z where multiple nation's and private groups have gone crazy on the internet attacking each other. This has potential of becoming quite a dangerous escalation, with Stuxnext showing how close one can go from virtual to.phsyical damage to an organization, which could in a sense lead to an escalation of war. Not only this, this attempt of arms race has become increasingly dangerous and have backfired against the US and other nations.

This wild west scenario has caused some to call for a code of conduct and a certain guideline to how to approach nefarious activity whether state sponsored or not, and to define what consists an act of war or a sanctionable offense.

Anyway thoughts on this?
Last Edit: September 22, 2017, 02:09:58 PM by Risay117

Dietrich Six | Mythic Inconceivable!
more |
ID: DietrichSix
IP: Logged

11,694 posts
Excuse me, I'm full of dog poison
Zero comments