The United States Attorney's Office for the Southern District of New York ("SDNY") indicted three foreign nationals on charges of insider trading, wire fraud and computer hacking. The three defendants also were charged with allegedly trading on information stolen from the computer networks of two New York law firms. A parallel enforcement action brought by the SEC, which marks the first time the SEC has brought civil charges based on the hacking of a law firm's computer network, also alleges insider trading and other violations of the Securities Exchange Act.
In a Cadwalader memorandum, attorneys Joseph Moreno and Joseph Facciponti warned that hackers are becoming more creative in their choice of victims and in how they use the information they steal. They cautioned that companies must reconsider the kinds of data that are prone to being hacked and whether the companies' security protocols are sufficient to detect and prevent hacking. The attorneys explained that the case is a reminder to certain federal- and state-regulated entities that, soon, they may have to comply with new cybersecurity rules that will require robust policies and procedures governing how confidential data and computer networks are handled and protected.
Commentary
These prosecutions are departures from typical schemes in which cybercriminals use stolen information to make a quick profit through straightforward identity theft or credit card fraud. Instead, these cases reflect a growing number of increasingly sophisticated hackers who think carefully about the types of data that are available for theft and the means by which that data can be exploited to maximize profit-generating potential. Anyone who is in possession of sensitive customer or company data should remain vigilant, and take reasonable and appropriate steps to protect their systems from attack.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
