America's Securities and Exchange Commission (SEC) has joined the hunt for the FIN4 hacking group.
The bunch, revealed by FireEye in December 2014, used a phishing attack to get access to listed companies' computer systems. Their payoff was to get insider information to trade their targets' stocks.
According to Reuters, the SEC has contacted “at least eight listed companies” for information about their breaches.
The SEC investigation is running in parallel to another run by the US Secret Service, the usual authority for investigating cyber-crime.
In its original announcement, FireEye reckoned the spear-phishing attacks by FIN4 started in 2013 and had targeted “100 law, health care and pharmaceutical firms”, 98 of which were listed on NYSE or NASDAQ.
At that time, FireEye had been unable to establish di9rect evidence that the phishing attack had yielded information to run trades.
That makes the SEC's action intriguing: the regulator's been on the case for six months, and at least seems to believe it's worth looking for a smoking gun of some kind.
Former SEC Internet enforcement bod John Reed Stark told Reuters the action is a first for the agency, saying “failures in cybersecurity have prompted a dangerous, new method of unlawful insider trading”. ®