New York’s Department of Financial Services (DFS) has issued an industry letter to all regulated entities following recent events between the US and Iran.
Furthermore, the authority stressed the need for heightened cybersecurity precautions, as there is currently a heightened risk of cyber-attacks from hackers affiliated with the Iranian government. It is particularly concerning that Iran has a history of launching cyber-attacks against the US, and the financial services industry, according to the official press release.
While at the date of the press release January 4, 2020 there were no specific, credible, reports of new Iranian-sponsored cyber-attacks in the past few days, all regulated entities should be prepared to respond quickly to any suspected cyber incidents. Iranian-sponsored hackers have historically relied primarily on common hacking tactics such as email phishing, credential stuffing, password spraying, and targeting unpatched devices.
DFS recommends that all regulated entities ensure that all vulnerabilities are patched/remediated, ensure that employees are adequately to deal with phishing attacks, fully implement multi-factor authentication, review and update disaster recovery plans, and respond quickly to further alerts from the government or other reliable sources.
The post #Privacy: New York Department of Financial Services issues cybersecurity risk alert appeared first on PrivSec Report.