Cyberattacks Soar During the Pandemic - How Regulators Responded

Advisor Perspectives welcomes guest contributions. The views presented here do not necessarily represent those of Advisor Perspectives.

Cyberattacks have become so common that it is no longer a question of if a broker dealer, investment advisory firm or financial institution (collectively, “financial firms”) will suffer an attack, but when an attack will occur. In my 19 years as a trial attorney focused on securities and business disputes, I can confidently say that there’s always room for proactive strategies that anticipate negative events. As financial firms rely more on online and out-of-office platforms and services, especially during the COVID-19 pandemic, the likelihood increases that proprietary and confidential, nonpublic customer information (“NPI”) is stolen, deleted or ransomed. Financial firms need to understand the different cyber threats and the defensive measures to protect against attacks.

Covid-19 and cyberattacks

As financial firms rely on work-from-home environments during the pandemic, cyberspace vulnerabilities are heightened. The Financial Crime Enforcement Network (FinCEN) recently encouraged financial institutions to, “remain alert about malicious and fraudulent transactions similar to those that occur in the wake of natural disasters.” According to a VMware Carbon Black report, “[f]rom the beginning of February to the end of April 2020, attacks targeting the financial sector have grown by 238%” and “80% of surveyed financial institutions reported an increase in cyberattacks over the past 12 months, a 13% increase over 2019.”