Skip to main content

The attack forced traders to resort to manual methods of confirming trades and delayed regulatory data releases. Read More

·3 mins

Image

Regulators Got Tough on Cyber in 2023 as Crime Soared #

Significant third-party breaches and attacks against high-profile targets characterized 2023 in cybersecurity, but governments and regulators also focused their attention on how to tackle security for years to come. A late-year resurgence in ransomware and nation-state attacks, however, poses a troubling outlook for 2024.

Tap story #

A cyberattack against a company that supports the plumbing of derivatives markets sent a warning shot across the financial industry.

Suffolk County, N.Y., began restoring public services after a ransomware attack in late 2022 knocked critical systems offline. The hack was a long-running affair for the county government, which spent over $5 million on recovery.

The Biden administration published the latest iteration of the U.S. National Cybersecurity Strategy. The sprawling plan includes measures to hold software developers accountable for faulty products and signals tougher regulation for critical infrastructure sectors in the future.

Former Uber Technologies security chief Joe Sullivan avoided prison time for his actions during a 2016 data breach at the company. The case had been closely watched by the cybersecurity industry for how it could set a precedent for prosecutions of security executives.

An attack on a popular MoveIt file-transfer tool compromised data from thousands of companies. Government agencies and officials were caught in the attacks, which researchers linked to Chinese hackers.

The U.S. Securities and Exchange Commission approved strict new rules on cybersecurity requirements for listed companies. The rules oblige them to publicly report cyberattacks that have a material impact on business operations and to describe their cyber risk management processes.

New York Gov. Kathy Hochul reveals the state’s first-ever cybersecurity strategy, which promises stricter regulation for critical infrastructure operators and help for cash-strapped counties by providing free security tools. Officials hope it will be a blueprint for other states.

MGM Resorts International is crippled by a cyberattack, which disrupted hotel and casino operations at its properties across Las Vegas and elsewhere. Caesars Entertainment, another casino operator, also came under attack over the summer, paying a ransom to restore systems.

Cisco Systems agreed to buy a cyber company for $28 billion in a cash deal, marking a significant upset of a cyber market that had been roiled throughout 2023 by layoffs, company collapses, and difficult investment rounds.

The House Oversight and Accountability Committee holds a hearing on ransomware, which has ripped through hospitals and schools since the start of the Covid-19 pandemic. A witness testifies about an attack that cost $65 million and left facilities debilitated for weeks.

The SEC sued SolarWinds over disclosures relating to its 2020 breach, which the U.S. blamed on Russian intelligence.

The U.S. arm of the Industrial and Commercial Bank of China had to be unplugged from financial markets after a ransomware attack, sending shocks through the financial industry. The attack had a minor impact on Treasury trading, but added to concerns that a more significant hack could severely impact the economy.