By Robert D. Conca, Partner of Shustak Reynolds & Partners, P.C. posted on Thursday, June 3, 2021.
Ransomware Attacks Are Becoming More Frequent
Recent news reports are rife with stories about hacker groups launching cyberattacks against all types of companies in industries ranging from major fuel producers to food supply firms.
Ransomware [1] has emerged as the hack du jour, and attacks seem to be happening with more and more frequency. On June 7, 2021, the Department of Justice announced the recovery of $2.3 million in cryptocurrency that was paid in connection with a May 8, 2021 ransomware attack. [2]
Investment Advisers Have Increased Cyber Responsibilities
Any company that experiences a cyber incident will have some difficult decisions to make about what to do and how to respond. Recovery is not always speedy or even possible.
Registered investment advisers (“RIAs”) face additional challenges when a ransomware attack (or any other cyber incident) occurs. The SEC expects RIAs, which are fiduciaries to their clients, to be more prepared to defend against such attacks and to have policies and procedures, including a tactical “Incident Response Plan”, in place before an electronic attack occurs. [3]
RIAs Need a Well-Designed Cybersecurity Policy
In a 2020 Risk Alert dedicated to the topic of Ransomware, the SEC provided guidance to RIAs about the types of procedures to consider when creating cybersecurity policies and procedures. While the SEC did acknowledge that no one policy will be appropriate for all RIAs, the SEC suggested that cyber procedures include:
We encourage firms to review their Cybersecurity Policies periodically, but no less than annually, and to make regulatory compliance a priority. We can help.
Shustak Reynolds & Partners, P.C. focuses its practice on securities and financial services law and complex business disputes.
We represent many broker-dealers, registered representatives, investment advisors, investors and businesses.
Attorney Robert D. Conca can be reached in the firm’s San Diego office at (619) 696-9500.
[1] This form of cyberattack occurs when malware infects a firm’s electronic environment and encrypts the victim’s data until money (or digital currency) is paid to release it.
[2] See https://www.justice.gov/opa/pr/department-justice-seizes-23-million-cryptocurrency-paid-ransomware-extortionists-darkside.
[3] See discussion in a 2018 SEC Risk Alert relating to Observations from Cybersecurity Examinations, available here: https://www.sec.gov/files/observations-from-cybersecurity-examinations.pdf.