Daily Management Review

SEC’s EDGAR database vulnerable to cyber threats


10/06/2017


The SEC has admitted to the existence of vulnerabilities in its EDGAR database, a repository which houses millions of filing of corporate America, not only in its internal memo, but also during a Congressional hearing. As a result, the implementation of the new rules that were adopted in 2016 for the $18 trillion U.S. mutual fund industry, is likely to be delayed.



As per an internal memo from the SEC, Wall Street’s top regular, the Securities and Exchange Commission (SEC), has discovered that its corporate filing database has vulnerabilities which could be exploited to cause a system collapse.

The SEC’s internal memo dated September 22, discloses that its EDGAR database, which contains details of financial performance of U.S. public limited companies and mutual funds, could be at risk of a “denial of service” (DOS) attack, which essentially floods the network with packets to such an extent that it overwhelms it and forces it to shutdown.

The SEC made this discovery while testing EDGAR’s ability to absorb monthly and annual financial filings required under new rules adopted in 2016 for the $18 trillion mutual fund industry.

As per the internal memo, even an unintentional error by a company, such as filing an “invalid” form, could overwhelm the system’s memory and bring down the entire system.

The finding of the vulnerability comes in the wake of SEC’s admission last month that hackers had been able to breach the EDGAR database in 2016 and had money money from the mined data.

The discovery lays further doubt on the SEC’s network capabilities and whether the agency has adequately addressed cyber threats.

It has been a while since the mutual fund industry has had concerns that the market-sensitive data that it needs to submit could be exploited in the wrong hands.

As a result, the industry has redoubled its efforts to stall and delay the data-reporting rules, which are set to go into effect in June 2018, until it is reassured that the information that it provides is secured.

Clearly, the SEC should postpone implementation of its data reporting rule until the security of those systems is thoroughly tested and assessed by independent third parties,” said Mike McNamee, chief public communications officer of The Investment Company Institute (ICI), whose members manage $20 trillion worth of assets in the United States.

We are confident Chairman Clayton will live up to his pledge that the SEC will take whatever steps are necessary to ensure the security of its systems and the data it collects.”

An SEC spokesman declined to comment.

Rules adopted in 2016, require asset managers to file monthly and annual reports vis-a-vis their portfolio holdings; the rules were designed to protect the mutual fund industry in the event of a market crisis by showing the SEC and investors that they have enough liquidity to cover a rush of redemptions.

On Wednesday, in a Congressional hearing, SEC Chairman Jay Clayton testified that the agency was weighing its options to delay the rules in light of emerging cyber concerns. Incidentally, he did not mention about EDGAR’s vulnerability to the DOS attack.


 


 


 

Source:

http://uk.reuters.com


 

 







Science & Technology

Dream Of Immortality Can Be Realised By 2045

Predicting A Patient’s Death Might Be Possible With Google’s Machine Learning Tool

Are online DNA databases dangerous?

Uber will identify drunk passengers

Experts found how automation will change markets

World's First Dedicated XR Platform Launched By Qualcomm

Hamburg becomes the first German city to ban old diesels

Hundreds Of Thousands Of Routers Have Been Hacked By Russians, Warns The FBI

Chinese Study Claims Heart Diseases Can Be Reduced By Having An Egg A Day

Asteroid mining: Reality or fiction?

World Politics

World & Politics

EU Reform Plans Disclosed By Merkel And Macron

USA launches the third round of the trade war with China

Italy says No to refugees

German experts: There’s no end to wars

G7 Picture Reveals Tensions Between U.S. And Its Close Allies

Pope Addresses The Oil & Gas Giants To ‘Respect’ COP21 Deal

G7 Does Not Welcome Russia: German Official

Trump-Kim Jong Un Meeting To Take Place, Confirms US President