Reuters | By: Sarah N. Lynch & Jim Finkle | October 06, 2017:
The U.S. Securities and Exchange Commission (SEC), Wall Street’s top regulator, has discovered a vulnerability in its corporate filing database that could cause the system to collapse, according to an internal document seen by Reuters.
The SEC’s September 22 memo reveals that its EDGAR database, containing financial reports from U.S. public companies and mutual funds, could be at risk of “denial of service” attacks, a type of cyber intrusion that floods a network, overwhelming it and forcing it to close.
The discovery came when the SEC was testing EDGAR’s ability to absorb monthly and annual financial filings that will be required under new rules adopted last year for the $18 trillion mutual fund industry.
The memo shows that even an unintentional error by a company, and not just hackers with malicious intentions, could bring the system down. Even the submission of a large “invalid” form could overwhelm the system’s memory.
The defect comes after the SEC’s admission last month that hackers breached the EDGAR database in 2016.
The discovery will likely add to concerns about the vulnerability of the SEC’s network and whether the agency has been adequately addressing cyber threats.
To read full article – please click here.