DTCC Identifies Cyber-Attacks as Most Significant Risk to Financial Markets

DTCC Attorney

Securities Lawyer 101 Blog

On August 7, Depository Trust & Clearing Corporation (DTCC) released a report identifying threats to the stability of the financial markets.  DTCC considers cyber-attacks that can bypass U.S. and E.U. industry security systems and laws to be the most significant danger to our markets today.

Mike Leibrock, DTCC Vice President, of Systemic Risk stated that the report is intended “to initiate robust dialogue and help market participants gain a deeper understanding of how new or evolving systemic risks might impact the safety and soundness of global financial markets, and the steps the industry needs to take”.

DTCC’s report emphasizes that the systemic risks facing the global financial services industry are growing in complexity and are more difficult to anticipate.  DTCC’s report also finds that regulatory safeguards are either years from implementation or create new forms of risk that are constantly evolving.

Cybersecurity DTCC’s report identified cybersecurity risks as the top systemic threat facing global financial markets and associated infrastructures, including the threat of Distributed Denial of Service attacks, attacks against systems containing transaction records, and risk of disclosure of restricted, confidential or material non-public Information via compromise of internal systems.

DTCC identified the following risk objectives of cybersecurity attacks.

The objective of a Distributed Denial of Service (DDoS) attack is to cause market disruption by preventing business transactions (e.g., affect clearance, settlement and similar core functions).

The objective of an attack against systems containing transaction records is to cause market disruption by deleting, modifying or corrupting books and records of the financial industry.

The objective of causing disclosure of restricted, confidential, material non-public Information data via compromise of internal systems is to cause loss of trust in the U.S. financial systems, insider trading and other forms of market manipulation.

DDoS Attacks DDoS attacks have increased in the past year.  DDoS attacks typically attempt to flood the bandwidth and network connectivity between a financial institution and the broader Internet.  These attacks are carried out by sending a large volume of requests from compromised machines to the institution’s website.

Recently, these attacks have been launched from compromised servers (up to ~6000 servers), which have significantly more capacity and outgoing bandwidth.  For example, prior to 2012, the peak volumes of DDoS attacks against financial institutions were approximately one to two gigabits per second (Gbps).  Recent attacks have peaked at close to 150 Gbps, or approximately 15 times the provisioned bandwidth at a typical financial institution.

At least one private research provider in the securities markets, Promotion Stock Secrets, was the subject of a DDos attack on July 31 when their website was attacked.  The cyber-attack on http://www.promotionstocksecrets.com used the same technologies often found in large scale attacks against financial institutions such as banks, an indication that cyber-attacks are a growing threat in the financial services and other industries.

Advanced Persistent Threats Advanced Persistent Threats (APT) are stealthier because APT attacks are not public.  Their objective is not to disrupt Internet-facing communications, but rather to infiltrate an institution’s systems and monitor or ex-filtrate data to a server outside the firm.  APT attacks are very difficult to detect, unlike DDoS attacks, which are visible and often publicized prior to an attack.  In an APT attack the infected malware could be sent by a variety of means including e-mail attachments or compromised websites.  The attackers often use social networking tools to perform reconnaissance and identify key employees at a firm.  The attackers then compromise the machines of those individuals, and propagate horizontally and vertically within the target organization.

APT attacks are launched by hacktivists, nation states and paid hackers who are compensated by the amount of impact they have on the target.  These actors typically are outside the jurisdictional boundaries of industrially mature nations and thus very difficult to apprehend and prosecute.

Additionally, the compromised servers are often legitimate servers that were compromised because of vulnerability in their systems (e.g., not keeping the system patched to the latest version).

Other Risks to Financial Markets Identified
DTCC also identified several other risks in its report which are summarized below.

New Regulations DTCC also noted that the financial industry has expressed concerns that even though new regulations are well-intentioned and necessary, there is a danger that their scope and complexity may actually be creating unintended consequences or an entirely new set of risks.

Too Big To Fail DTCC expressed concern whether ongoing industry debate as to the “too-big-to fail” issue has been sufficiently resolved.  Even top U.S. banks control the vast majority of total assets within the sector and just a few provide some of the most critical services.

Collateral Shortage DTCC addressed concerns globally about potential risks associated with a future shortage of high quality collateral, possible pro-cyclical impacts of collateral requirements, along with operational challenges related to collateral management.

Interconnectedness Risk Inter-linkages among financial firms and infrastructures improve the effectiveness and efficiency of clearance and settlement activities and processes.  Inter-linkages  also create a complex network of interdependent legal, credit, liquidity, and operational risks.  Because of this, there is an increased systemic risk because of the increased potential for operational and other disruptions to spread quickly and widely through the financial system.

High Frequency Trading High Frequency Trading (“HFT”) has come under scrutiny in recent years due to events such as the so-called “flash crash” in 2010, the difficulties encountered during the initial public offerings of BATS Global Markets, Inc. and Facebook, Inc., and the Knight Capital trading glitch.  Some industry participants are at odds over the question of whether the benefits that HFT brings to the securities markets in terms of efficiency and liquidity, outweigh the technological challenges associated with this activity.

Business Continuity Risk Superstorm Sandy served as a reminder of unforeseen physical events.  While DTCC’s business continuity practices allowed the organization to continue to provide critical clearing and settlement services to the industry, a number of near-and long-term initiatives have been identified to further enhance DTCC’s resilience against a wide range of events.  DTCC is calling for closer and more continuous engagement and action among all key industry participants on this issue to reduce the systemic risks facing global markets.

For further information about this article, please contact Brenda Hamilton, Securities Attorney at 101 Plaza Real S, Suite 202, Boca Raton, Florida, (561) 416-8956, or visit www.securitieslawyer101.com.

This information is provided as a general informational service to clients and friends of Hamilton & Associates Law Group and should not be construed as, and does not constitute, legal and compliance advice on any specific matter, nor does this message create an attorney-client relationship. For more information concerning the JOBS Act, crowdfunding, emerging growth companies, Rule 144, Form 8K, FINRA Rule 6490, Rule 506 private placement offerings, Regulation A, Rule 504 offerings, SEC reporting requirements, SEC registration on Form S-1 and Form 10, Pink Sheet listing, OTCBB and OTCMarkets disclosure requirements, DTC Chills, Global Locks, reverse mergers, public shells, go public direct transactions and direct public offerings please contact Hamilton & Associates at (561) 416-8956 or by email at [email protected]. Please note that the prior results discussed herein do not guarantee similar outcomes.

Hamilton & Associates | Securities Lawyers
Brenda Hamilton, Securities Attorney
101 Plaza Real South, Suite 202 North
Boca Raton, Florida 33432
Telephone: (561) 416-8956
Facsimile: (561) 416-2855

Category: Blog Posts

Subscribe to our Newsletter

As Featured By: Quicken Small Business





Hamilton & Associates Law Group
101 Plaza Real South
Suite 202 North
Boca Raton, Florida 33432
Phone: 561-416-8956
Fax: 561-416-2855
https://www.securitieslawyer101.com
[email protected]
Categories
A+ Offerings and SEC Compliance
A+ SEC Reporting Requirements
A+ Reporting and Disclosure
A+ Secondary Sales
Accredited Crowdfunding
Accredited Investor Defined
Accredited Investor Verification
CF Crowdfunding SEC Reporting Requirements
Confidential Registration Statements
Control Person and Control Securities
Coronavirus - COVID-19
Coronavirus, SEC Extensions and Disclosures
Crowdfunding During Coronavirus - COVID-19
Corporate Hijackings
Crowdfunding
Crowdfunding Portals and Platforms
Direct Public Offering
Direct Public Offering Attorneys
Direct Public Offering SEC Reporting
Dormant Issuers
Draft Registration Statements
DTC Chills and Global Locks
DTC Eligibility
Dual Listing OTC Markets OTCQX
Due Diligence
Equity Crowdfunding
Exempt Direct Public Offerings
FINRA Rule 6490
Form 1-A of Regulation A
Form 3 Insider Report
Form 5 Insider Report
Form 10 Registration Statement
Form 10 Shell Companies
Form 10 Shell Risks
Form 10 SEC Reporting Requirements
Form 10-K
Form 10-Q
Form 211, FINRA Rule 15c-211
Form 8-A
Form 8-K
Form 12b-25
Form D
Form D Amendments
Foreign Private Issuers and Form F-1
Form F-1 Registration Statement
Form F-1 Registration Statement and Going Public
Form S-1 Registration Statement - SEC Review
Form S-1 Comments
Form S-1 Disclosures
Form S-1 SEC Filing
Form S-1 in Going Public Transactions
Form S-1 Quiet Period
Form S-1 Risk Factor Disclosures
Form S-1 SEC Review Process
Form S-1 Registration Statement
Form S-3 Registration Statement
Funding Portals
Going Public Attorney
Going Public Requirements
Going Public and raising Capital
Going Public for Foreign Issuers
Friends and Family Round
Going Public Law
Going Public Lawyer
Going Public Transactions
Initial Public Offerings
Intrastate Crowdfunding
Investor Relations 101
IPO Alternatives
Linkedin
Manipulative Trading
OTC Link
OTC Markets
OTC Markets Attorney
OTC Markets Dual Listings
OTC Pink Sheets
OTCQB Listing, Eligibility, Quotation
OTCQX Listing, Eligibility, Quotation
Penny Stocks
Periodic Reporting
Private Placements
Public Company SEC Reporting Requirements
Regulation A
Registered Direct Public Offerings
Regulation A
Regulation A State Blue Sky Requirements
Regulation A Offering Caps
Regulation A Form 1-A Disclosures
Regulation A SEC Reporting Requirements
Regulation A Secondary Sales
Regulation A State Blue Sky Requirements
Regulation A Tier 2 Direct Listing
Regulation A Testing the Waters
Regulation A Q&A
Regulation A Form 1-A Disclosures
Regulation CF
Regulation CF Reporting Requirements
Regulation D
Regulation D Bad Actor Ban
Restricted Legend Removal
Restricted Stock
Reverse Mergers
Reverse Merger Game Changers
Reverse Stock Splits
Rule 10b-5 and Securities Fraud
Rule 15c-211
Rule 504 Offerings
Rule 506(b) Offerings
Rule 506(c)
Rule 506(c) Covered Persons and Bad Actors
Rule 506(c) State Blue Sky Requirements
Rule 506(c) Offerings
SEC Actions & Administrative Proceedings
SEC Comments
SEC Draft Registration Statements
SEC Form S-1 Filing Requirements
SEC Investigations
SEC Registration Statements
SEC Reporting Requirements
SEC Trading Suspensions
Secondary Registration Statements
Secondary Trading
Penny Stocks
Section 4(a)(2) Exemption - Private Offerings
Section 4(a)(7) FAST Act
Seed Stockholders
Social Media
Schedule 14A
Seed Stockholders and Going Public
Schedule 14C
SEC Reporting Requirements
Selling Stockholder Disclosures
Short Sales and Regulation SHO
What Are Short Sales?
Spam, CAN-SPAM and Investor Relations
Sponsoring Market Maker, Form 211 and Rule 15c-211
Stock Scalping 101
Stock Promotion
Stock Spin-Offs
The Role of a Going Public Attorney
Twitter & Regulation A+
Wells Notices
What is Going Public?
What Is Accredited Crowdfunding?
What Are Short Swing Profits?
What Are Short Sales?
What is a Registration Statement?
What is Rule 144?
What are Restricted Securities?
What is Rule 506?
What is Form D?
What is a Private Placement Memorandum?
What is a Finder?
What is a Form 10 Registration Statement?
What is DTC Eligibility?
What is a Form S-8 Registration Statement?
What is Form 12b-25?
What are the OTC Markets OTC Pinks?
What Is the Regulation SHO Short Seller Rule?
What Is A Confidential Registration Statement?
What Are The OTC Markets?

About Us

Services
Practice Areas
Notable Representation
Going Public eBook by Securities Lawyer 101

Resources

Securities Lawyer 101 Dictionary
Securities Lawyer 101 Blog
Securities Lawyer 101 Forms
SEC Requests for Comments

The JOBS Act

Exempt Direct Public Offerings
Funding Portals
Crowdfunding
Accredited Crowdfunding
Crowdfunding Portals and Platforms
Going Public Attorney's Guide to Rule 506
Regulation D Bad Actor Ban

SEC Enforcement

SEC Actions & Administrative Proceedings
SEC Investigations
SEC Inquiries
SEC Wells Notices
Rule 10b-5
Manipulative Trading

Please Visit Our Affiliate Sites

www.jobsact101.com
www.gopublic101.com
www.gopublicdirect.com
www.reversemergers101.com

Hamilton & Associates Law Group P.A.

Going Public Lawyers
101 Plaza Real South, Suite 202 North
Boca Raton, Florida 33432
Telephone: (561) 416-8956
Facsimile: (561) 416-2855
www.SecuritiesLawyer101.com

Sitemap
RSS Feed
LinkedIn

SEC Law

SEC Comments
Spam
Restrictive Legends
Restricted Stock
Schedule 14A
Schedule 14C
Reverse Mergers
Corporate Hijackings
Dormant Issuers
Reverse Stock Splits
Reverse Merger Game Changers
Stock Spin-Offs
DTC Global Locks
Private Placements
Social Media
FINRA Rule 6490
Rule 506-c
Short Sales & Trading

Ask Securities Lawyer 101 Series

What is Going Public?
What Is Accredited Crowdfunding?
What Are Short Swing Profits?
What Are Short Sales?
What is a Registration Statement?
What is Rule 144?
What are Restricted Securities?
What is Rule 506?
What is Form D?
What is a Private Placement Memorandum?
What is a Finder?
What is a Form 10 Registration Statement?
What is DTC Eligibility?
What is a Form S-8 Registration Statement?
What is Form 12b-25?
What are the OTC Markets Pink Sheets?
What Is Regulation SHO?
What Is A Confidential Registration Statement?
What Are The OTC Markets?
What Are Short Sales?
What Is A Sponsoring Market Maker?

Subscribe to our Newsletter

OTC Markets

The Role of the Going Public Attorney
OTC Link
OTCQX Listing, Eligibility & Quotation
OTCQB Listing, Eligibility & Quotation
OTC Pink Sheets
OTC Markets

SEC Registration Statements

Direct Public Offerings
Initial Public Offerings
Due Diligence & the Going Public Attorney
Form S-1 Registration Statement
Form S-8 Registration Statement
Form S-3 Registration Statement
Draft Registration Statements
Confidential Registration Statements

Securities Exchange Act Registration

Form 10 Registration Statement
Form 8-A Registration Statement

Going Public Transactions

Going Public Law
Why Companies Need a Going Public Attorney
 Secondary Registration Statement
SEC Registration Statements
Form 211 & Rule 15c2-11
Sponsoring Market Makers
Depository Trust & Clearing (DTC)
Direct Public Offering Attorneys

Going Public For Foreign Issuers

OTC Markets Dual Listings
EB-5 Program & Going Public
Form F-1 Registration Statement
OTCQX Listing, Eligibility & Quotation

Public Company SEC Reporting

Form 10-K
Form 10-Q
Form 8-K

Copyright © 2024 · All Rights Reserved · Hamilton & Associates Law Group, P.A.