Memo Reveals SEC Forensics Unit Asked for Resources, Training Prior to 2016 Hack

A view of the Securities and Exchange Commission headquarters. Brendan Smialowski/AFP/Getty Images

Two months before the U.S. Securities and Exchange Commission’s corporate filing system was hacked in October 2016, the SEC’s forensics unit drafted a memo asking for better equipment and more training, Reuters reported.

The three-page memo, which was addressed to Carl Hoecker, the SEC’s inspector general, reported “serious deficiencies” in equipment, outdated cyber defense training, and a lack of communication with the SEC’s Office of Information Technology. The concerns were never addressed, according to Reuters.

The forensic unit’s staff was told to use old equipment that was due to be thrown out when they requested supplies. They ended up repurposing old hard drives. According to the memo, the 2017 hardware budget fell half a million dollars short of what the forensic unit needed.

It is not clear whether or not the deficient equipment and outdated training had any involvement with the 2016 SEC hack.

Hoecker created the forensics unit in 2015. The office was created to identify “threats to the SEC’s sensitive information systems” and provide “cyber security capability,” he told Congress in two public reports in 2015 and 2016.

Under Hoecker, the SEC Office of the Inspector General underwent restructuring in 2013.  He hired special agents who can carry firearms, conduct criminal investigations, make arrests and execute search warrants, something they were not permitted to do prior to 2013. The Digital Forensics and Investigations Unit was Hoecker’s way of creating more forensic support for his department’s investigations.

Despite a forensic unit proposal to conduct a full review of the SEC computer network, the inspector general’s office has not yet received real-time cyber updates, according to Reuters. Memo Reveals SEC Forensics Unit Asked for Resources, Training Prior to 2016 Hack