A recent hacking attack on the U.S. Securities and Exchange Commission (SEC) has brought to light troubling details about the "SIM swapping" that compromised its official X (formerly known as Twitter) account.
The hacker took control of a staff member's cell phone number via SEC's telecom carrier, gained unauthorized access to the @SECGov account and published a false post on Jan. 9 regarding the approval of spot bitcoin ETFs.
SEC Chairman Gary Gensler's consequent explanation on his own account brought Bitcoin's value back down to around $45,000 after a momentary surge to $47,897. The SEC confirmed that there is no longer any evidence of access to SEC systems, data, devices, or other social media accounts by the unauthorized party. Multi-factor authentication for the X account, which was deactivated in July, has also been reactivated after the incident as a precautionary measure.
The SEC is actively working with law enforcement agencies to resolve the issue and to examine the social engineering tricks the hackers used. The U.S. Justice Department, FBI, and the Department of Homeland Security's cyber unit are vigorously investigating the attack. The primary focus is on figuring out how the unauthorized party got the telecom carrier to perform the SIM swap and got hold of the phone number linked to the account.
SEC Spokesperson Jennifer Schonberger provided an update on the ongoing investigation: "The SEC is continuing to work with the FBI, the DOJ, and the cyber division of Homeland Security to determine just how this person was able to find out the phone number associated with the SEC's X account and how they were able to get the carrier, the phone carrier to actually give them that information so they could access it. So still some more fallout here to come."
William Glazier, Director of Threat Research at Cequence Security, emphasized the multi-faceted nature of these attacks and the distribution of roles among the parties involved, i.e. the individual (SEC), the platform where the account takeover took place (X), and the telecom provider (undisclosed). He also questioned whether multi-factor authentication (MFA) was legitimately the primary reason for the breach and said that threat actors often solicit abuse of a telecom's API even before an attack like SIM swapping.
"Originally, these attacks flourished as a means for criminals to hijack an individual's cryptocurrency wallet or account, but they're now being weaponized by other criminal actors and nation-states for a much wider range of uses," stated Pierson, a former member of the Department of Homeland Security's Cybersecurity Subcommittee and Privacy Committee.
The incident led lawmakers to press the SEC for possible explanations and to question how the regulatory body could be so vulnerable to such an attack while being in charge of scrutinizing the cybersecurity requirements of publicly traded companies.
Responding to the incident, the SEC officially approved 11 bitcoin ETF applications from Fidelity, BlackRock, VanEck and other issuers. Though this approval was much needed for investors to secure better exposure to bitcoin, it raised concerns about being a "sell the news" action. Bitcoin's value also plunged to its lowest point in about two months, dropping below $38,000.
Despite the instant market reaction, experts have a positive outlook about the long-term prospects of cryptocurrency. As the investigation unfolds, it has not only impacted the perception of the SEC's cybersecurity measures but has also raised questions about the broader implications of such attacks on financial markets and regulatory bodies.