The news is by your side.

The SEC Social Media hack that caused the Bitcoin price to skyrocket sparked investigation

Uncategorized
0

The hack of a social media account used by the Securities and Exchange Commission is prompting both internal and external investigations into how the security breach occurred and whether anyone tried to profit from it, according to the commission and several legal experts.

The SEC said in a statement Wednesday that it was coordinating its own investigation into the hack that occurred the day before “with appropriate law enforcement agencies, including the SEC Office of Inspector General and the FBI.”

John Reed Stark, a former SEC enforcement attorney and cybersecurity regulatory consultant, said the commission’s inspector general should investigate how a hacker could gain access to the SEC’s official account on false message that the committee had posted. approved several Bitcoin investment products.

“This is unfortunately a blatant failure of basic cyber hygiene,” Mr. Stark said.

He also said federal prosecutors would most likely open a separate investigation into whether the hack was part of an effort to profit from changes in Bitcoin’s price increases. Mr Stark added that it did not matter whether the hackers made money trading during the 15 minutes the post was online, but whether they had the criminal intent to do so.

Daniel Hawke, a partner at the law firm Arnold & Porter and former director of the SEC’s market abuse division, said the fake post had all the hallmarks of an attempt to “manipulate the crypto markets.”

A Justice Department spokesperson declined to comment. A spokesperson for the SEC Inspector General said: “We are currently evaluating the circumstances and reviewing the SEC’s statements.”

In a message Tuesday evening X said the hacker had used a phone number linked to the SEC account, and the government agency did not have “two-factor authentication” in place to prevent unauthorized access.

Last year, X owner Elon Musk announced changes to the way users can deploy two-factor authentication to secure access to their accounts. It is not clear how the S.EC. responded to these security changes.

This isn’t the first time the SEC has been hacked.

In 2017, the SEC announced that hackers had breached the commission’s Edgar filing system — the computer database that publicly traded companies and investment funds use to file regulatory filings and disclose potentially market-moving information to investors.

The breach prompted a major law enforcement investigation; In 2019, federal prosecutors charged two Ukrainian nationals with hacking into the database and stealing classified information that they could trade or sell to others.

In September, the SEC Inspector General’s office issued a letter which found that the committee had “made progress in implementing” government-wide cybersecurity standards but had not completed all required steps. The inspector general had asked the SEC about steps it had taken to protect “public systems that support multi-factor authentication.”

During Cybersecurity Awareness Month in October, SEC Chairman Gary Gensler posted about the importance of digital security. “This is a reminder to secure your financial accounts and protect yourself from identity theft and fraud,” he posted on X on October 23rd. He listed several steps, including “setting up multi-factor authentication.”

In July, the SEC adopted a rule requiring publicly traded companies to promptly report cybersecurity incidents and annually disclose information about their cybersecurity risk management. In announcing the rule, Mr. Gensler said that “whether a company loses a factory in a fire – or millions of files in a cybersecurity incident – ​​it can be of great interest to investors.”

The fake X-post stating that the SEC had approved several Bitcoin exchange funds allegedly from Mr. Gensler included his photo. About 15 minutes after it appeared, Mr. Gensler said on his own X account that the message on the SEC account was an “unauthorized tweet.”

The scam initially caused the price of Bitcoin to rise before falling back.

Under Mr. Gensler, the SEC has used his X account to post messages and video presentations to the investing public.

David Yaffe-Bellany reporting contributed.

You might also like More from author

Leave A Reply

Your email address will not be published.