In response to the “WannaCry” ransomware attack, the SEC’s Office of Compliance Inspections and Examinations (OCIE) has issued an alert (available here) warning firms that they should immediately evaluate whether their computer systems are operating properly and whether they have updated their operating systems to patch the vulnerabilities that the attack has exploited. The United States Department of Homeland Security also issued an alert (available here).
Last week and over the weekend, the WannaCry attack roiled industries throughout the world by exploiting a soft spot in the Microsoft Windows operating system that had been exposed through a hack of documents from the National Security Agency. This ransomware attack infiltrates your computer systems, encrypts your files, and then demands payment of $300 in bitcoin (an untraceable online currency) for the return of your files.
Given the kinds of information that firms store on their systems, particularly sensitive customer personal and financial information, all firms should review the OCIE’s alert (available here) and the alert published by the United States Department of Homeland Security (available here).