Compliance Need to Know: “It Doesn’t Happen….Until It Happens,” Cyber Security, Part III
To catch up on our story, click here.
Like any other morning, Tom got ready for work and tried to get to the office before Rebecca, but like every morning he didn’t. He did notice when he pulled into his parking spot and turned on his phone that he had several voicemails. “That’s odd,” he thought, “it's not even 9 o’clock yet. I’ll check them at my desk.”
Walking in the door, Tom didn’t see Rebecca, but he heard several voices in the back office. Danny and Rebecca were there, on the phone and at the computer. “Tom, thank God you are here! We have serious problems! We have the broker on the phone, and voicemail is being filled with client messages.”
“Wait, what happened?”
“Our network was breached, and there were some client accounts that were compromised.”
“How?! What about our security barriers?” Tom questioned as the blood left his face. “Which clients were affected? What systems were affected?”
“Sorry, I can’t answer those questions right now,” Rebecca replied.
“Danny!”
“Hold on one minute,” Danny said into the phone as he put it down. “We are trying to figure that out.”
“Throw me on speakerphone,” Tom said angrily to Danny. “Rebecca, pull up the business continuity plan and give me the call tree. Every second counts, people!”
“This is Tom Harling, principal of the firm,” he said as the speakerphone came on. “What the hell happened?”
“Hi, this is Andrea. Our fraud system detected unusual activity through your website and customer interface. Then we discovered unusual activity placed on clients’ accounts that you have discretionary authority over, and just in the past hour we have flagged some accounts that your clients haven’t given you authority over. All transfers have been stopped in all of your client accounts; however, some market trades on OTC stocks and options have been executed over the past 24 hours.”
“Bust those trades…NOW!” Tom was almost yelling.
“OK, we will, Mr. Harling. Also, as a part of procedure, we have frozen all household accounts that could be affected and shut down your firm’s API with us.”
“Geez! OK, Andrea, email me the authorization forms at my secondary email address tomharding@hmail.com. We will respond and fax you those authorizations,” Tom stated as he hung up the phone. “OK, I’m getting the backup laptop and heading to our secondary location that is not on our network. Oh, we also have other interactive systems through our website. Danny, shut down the website ASAP, OK?”
“OK,” Danny replied.
“Wait a minute, how will the clients get our contact information? Strike that for now. Keep the website up.”
“Tom, we have a splashdown page for our website just in case it goes down. All of the firm’s contact information is on there.”
“Great, take the website down.”
Rebecca came back with the call tree from the business continuity plan. “Thank you, Rebecca. Apparently, I’m supposed to call Susan right now. I’m heading to our secondary location right now and will be back here as soon as I can.”
Walking to the front door, Tom dialed Susan’s number; hearing her phone ringing just outside the door told him she was walking in. Susan’s face had panic written all over it. “Tom, what is going on?! The-”
“Susan,” Tom interrupted, “we have been hacked. Danny and Rebecca will fill you in. Right now, though, we are following our BCP. I need you to reach out to our reps in Austin, Plano and Oklahoma City and tell them not to VPN in and stay off their smartphones until we can get our computer consultants in here to figure out what’s going on. I’ll be back in thirty minutes.”
In most breaches, the victim doesn’t discover the intrusion until well after the fact, so it is crucial that an adviser have a plan in place to respond to threats to its operations before one occurs. As the story shows, a splash page for your website with the firm’s contact information for clients if the site has to be taken down, a backup computer and a secondary location that are kept off the firm’s network, and a call tree to reach all of your staff without relying on the compromised systems are crucial in times of crisis. Next week we will go into further steps that need to be taken in case of a cybersecurity breach.
For more information about our services, contact us by calling us at 1-833-RIACCIO, emailing us at info@riacc.io, or by clicking here to schedule a free consultation.