Login

SEC Breach Disclosure Rule Exploited by Cyber-Extortionists

SEC Breach Disclosure Rule Exploited by Cyber-Extortionists

The News: The BlackCat ransomware gang, also known as ALPHV, has filed a complaint with the US Securities and Exchange Commission (SEC) against a company that refused to negotiate with it. This is the start of what is likely to be a trend of cyberattackers utilizing the SEC’s forthcoming requirement for organizations to report material data breaches and cyber incidents, set to go into effect on December 15, 2023, to coerce payments.

SEC Breach Disclosure Rule Exploited by Cyber-Extortionists

Analyst Take: With cyberattacks growing ever more sophisticated and impactful to organizations of all industries and regions, the US SEC is implementing new legislation that requires public companies to disclose material cybersecurity incidents within 4 days of becoming aware of them. This legislation is being put in place for a few reasons:

  • Protecting investors from financial losses, reputational damage, and legal liabilities that can result from cyberattacks. This can also have the byproduct of increasing investor confidence, as a result encouraging continued or additional investment.
  • Increasing transparency, given the fact that cyberattacks can, and often do, have ripple effects across other companies – as a result negatively affecting markets’ overall stability.
  • Along a similar vein, coordinating detection and response to widespread attacks and uncovering new patterns or tactics that might be emerging among malicious actors.

The legislation comes on the heels of the lawsuit filed by the US SEC against observability and IT management software provider SolarWinds and its chief information security officer (CISO) on October 30. The lawsuit accuses investor deceit through misleading statements and omissions that concealed known security-related risks, vulnerabilities, and weaknesses in the aftermath of a cyberattack that occurred in 2020 and that affected a variety of US government and public sector organizations.

Already, this approach is a new tactic that cyber extortionists are using to coerce payments. Specifically, BlackCat has filed a complaint with the SEC against MeridianLink, a digital lending solutions provider to financial institutions, for alleged failure to disclose a breach that compromised customer data. This complaint followed BlackCat listing MeridianLink on its data leak website – an extortion tactic used by many ransomware gangs to pressure victims into paying the demanded ransom.

I anticipate that BlackCat will be far from the last ransomware gang looking to utilize the new SEC legislation to their advantage, given the uncertainty that exists as to what exactly defines a “material” data breach or compromise to security. It is also considering that CISOs already face increased and serious stakes because they can be held personally liable if their organization’s cybersecurity posture or data breach impact are deemed to be misrepresented. In fact, it raises questions about the efficacy of the new SEC rules until there is more clarity. One thing is certain, though. Cybersecurity, and as a result compliance, are dynamic and require constant vigilance and adaptation.

Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.

Other insights from The Futurum Group:

Top Security Issues Organizations Need to be Paying Attention to in 2023: Six Five On the Road at .conf23

What Is Comprehensive Cyber-Resiliency? — Infrastructure Matters, Episode 4

CISA Launches RVWP, a New Ransomware Warning Pilot Program Designed for Critical Infrastructure Entities

Author Information

Krista Case

With a focus on data security, protection, and management, Krista has a particular focus on how these strategies play out in multi-cloud environments. She brings approximately 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.

Prior to joining The Futurum Group, Krista led the data protection practice for Evaluator Group and the data center practice of analyst firm Technology Business Research. She also created articles, product analyses, and blogs on all things storage and data protection and management for analyst firm Storage Switzerland and led market intelligence initiatives for media company TechTarget.

SHARE:

Latest Insights:

Altimeter and ARK Lead $100M Round in Hammerspace to Strengthen AI Infrastructure Performance
Brad Shimmin
Brad Shimmin

Altimeter and ARK Lead $100M Round in Hammerspace to Strengthen AI Infrastructure Performance

Brad Shimmin, VP and Practice Lead at The Futurum Group, examines why investors behind NVIDIA and Meta are backing Hammerspace to remove AI data bottlenecks and improve performance at scale.
Will Tableau’s New Enhancements Drive Use of Agentic AI Across the Enterprise
Brad Shimmin
Brad Shimmin & Keith Kirkpatrick

Will Tableau’s New Enhancements Drive Use of Agentic AI Across the Enterprise?

Looking Beyond the Dashboard: Tableau Bets Big on AI Grounded in Semantic Data to Define Its Next Chapter
Futurum analysts Brad Shimmin and Keith Kirkpatrick cover the latest developments from Tableau Conference, focused on the new AI and data-management enhancements to the visualization platform.
Partnering For Success: Field Alignment, Earnings, and Readiness with Google Cloud- Six Five On the Road
Tiffani Bova
Tiffani Bova

Partnering For Success: Field Alignment, Earnings, and Readiness with Google Cloud- Six Five On the Road

Colleen Kapase, VP at Google Cloud, joins Tiffani Bova to share insights on enhancing partner opportunities and harnessing AI for growth.
Ericsson Goes Wireless-First for AI Enterprises
Ron Westfall

Ericsson Goes Wireless-First for AI Enterprises

Ericsson Introduces Wireless-First Branch Architecture for Agile, Secure Connectivity to Support AI-Driven Enterprise Innovation
The Futurum Group’s Ron Westfall shares his insights on why Ericsson’s new wireless-first architecture and the E400 fulfill key emerging enterprise trends, such as 5G Advanced, IoT proliferation, and increased reliance on wireless-first implementations.
Become a Client

The Futurum Group

(833) 722-5337

501 West Ave., Suite 2102
Austin TX 78701

Linkedin Youtube Facebook

Welcome to The Futurum Group

Login to The Futurum Group
Login to Futurum Intelligence
Login to Futurum Labs Research Library

Book a Demo

Thank you, we received your request, a member of our team will be in contact with you.