The Inquirer-Home

Securities and Exchange Commission fails to encrypt sensitive information

Doesn’t consider adding ‘In’ to the start of its name
Fri Nov 09 2012, 10:08
Hacker

UNITED STATES FINANCIAL WATCHDOG the US Securities and Exchange Commission (SEC) has been accused of not being secure enough.

Reuters reports that staff at the SEC have failed to protect their computers with encryption, leaving it wide open to cyber attack. This sort of thing is always worrying, but the SEC information comes from places like the New York Stock Exchange, the NASDAQ stock exchange and the largest banking institutions on the planet.

We have attempted to contact someone at the SEC for comment. The Reuters report refers to "people familiar with the matter" as sources.

Computers at the SEC's Trading and Markets Division were left unprotected, according to these sources, but apparently no attacks were attempted against them. That is, presumably, until people started talking about there being unprotected computers at the SEC.

Ironically, the Trading and Markets Division is in charge of overseeing and encouraging standards at exchanges and financial establishments. Reuters says that it has just spent £200,000 eating its own dogfood as it sought to uncover and clear up its own lapses.

The SEC computers have been dangled in harms way already, it seems, and some of them were even taken to the Black Hat conference that is something of a hacking contest. No one seems to know why, though.

The security bumbling at the SEC is set to be revealed in an SEC report, according to Reuters. µ

 

Share this:

blog comments powered by Disqus
Advertisement
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Advertisement
INQ Poll

Coding challenges

Who’s responsible for software errors?