
Cybersecurity Alert - FINRA Notifies Member Firms of CISA Advisory (AA23-165A)

Impact: All Firms

Firms without dedicated information security professionals may wish to review this information with any vendors who provide those services to the firm.

As FINRA continues to observe an increasing number of ransomware attacks impacting member firms, the Cyber and Analytics Unit (CAU) within FINRA’s Member Supervision program is highlighting an Advisory issued by the Cybersecurity & Infrastructure Security Agency (CISA) on June 14, 2023.

The Advisory was issued jointly with the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and international partners from six countries. Its purpose was to help organizations better understand the tactics, techniques and procedures (TTPs) used by affiliates of LockBit, which continues to be a prominent ransomware variant.

The Advisory was divided into several sections that provide technical details, the anatomy of an attack, mitigation strategies and additional resources that may be useful to FINRA member firms.

In addition to reading the Advisory, FINRA member firms are encouraged to review FINRA Regulatory Notice 22-29, which was issued in December of 2022. The Notice provides ransomware guidance for member firms, including key considerations and questions that firms can use to evaluate their cybersecurity programs in light of the sustained ransomware threat.

Questions related to this alert or other cybersecurity-related topics can be emailed to the CAU.