Memo Reveals SEC Forensics Unit Asked for Resources, Training Prior to 2016 Hack

Before the 2016 SEC hack, the newly-established forensics unit wrote a memo requesting updated equipment and training. The memo wasn't seen until this year.

A view of the Securities and Exchange Commission headquarters. Brendan Smialowski/AFP/Getty Images

Two months before the U.S. Securities and Exchange Commission’s corporate filing system was hacked in October 2016, the SEC’s forensics unit drafted a memo asking for better equipment and more training, Reuters reported.

Sign Up For Our Daily Newsletter

By clicking submit, you agree to our <a href="http://observermedia.com/terms">terms of service</a> and acknowledge we may use your information to send you emails, product samples, and promotions on this website and other properties. You can opt out anytime.

See all of our newsletters

The three-page memo, which was addressed to Carl Hoecker, the SEC’s inspector general, reported “serious deficiencies” in equipment, outdated cyber defense training, and a lack of communication with the SEC’s Office of Information Technology. The concerns were never addressed, according to Reuters.

The forensic unit’s staff was told to use old equipment that was due to be thrown out when they requested supplies. They ended up repurposing old hard drives. According to the memo, the 2017 hardware budget fell half a million dollars short of what the forensic unit needed.

It is not clear whether or not the deficient equipment and outdated training had any involvement with the 2016 SEC hack.

Hoecker created the forensics unit in 2015. The office was created to identify “threats to the SEC’s sensitive information systems” and provide “cyber security capability,” he told Congress in two public reports in 2015 and 2016.

Under Hoecker, the SEC Office of the Inspector General underwent restructuring in 2013.  He hired special agents who can carry firearms, conduct criminal investigations, make arrests and execute search warrants, something they were not permitted to do prior to 2013. The Digital Forensics and Investigations Unit was Hoecker’s way of creating more forensic support for his department’s investigations.

Despite a forensic unit proposal to conduct a full review of the SEC computer network, the inspector general’s office has not yet received real-time cyber updates, according to Reuters.

Memo Reveals SEC Forensics Unit Asked for Resources, Training Prior to 2016 Hack