Most brokerages and advisers have had cyber attacksReprints
(Reuters) — U.S. brokerage firms and financial advisers are a routine target of cyber criminals, and some have lost money as a result of fraudulent emails requesting transfers of client funds, the U.S. Securities and Exchange Commission said in a report.
At least 88% of broker-dealers and 74% of advisers have been the target of cyber attacks, the SEC said Tuesday, citing findings from a cyber security examination program it conducted last year.
Most of the attacks were through fraudulent emails, some of which led to brokers losing more than $5,000, the report said. In one case, an adviser reported a loss of more than $75,000.
SEC Commissioner Luis Aguilar, a Democrat, said in a statement the examination showed that "cyber security is a persistent and growing threat, and that firms must take their cyber security duties seriously."
Cyber security is a growing concern for business, as highlighted by recent hacking incidents at The Home Depot Inc., Sony Corp. and JPMorgan Chase & Co.
The SEC's Office of Compliance Inspections and Examinations inspected 57 broker-dealers and 49 investment advisers for its "Cybersecurity Examination Initiative."
The report said a quarter of the incidents that led to losses resulted from employees not following their company's identity authentication procedures.
The examination found that the vast majority of brokerages conduct periodic risk assessments on a firmwide basis to identify cyber security threats and have adopted written information security policies.
Wall Street's industry-funded watchdog, the Financial Industry Regulatory Authority, issued a separate report on Tuesday that also identified hacking as a major threat facing brokerages.