Securities Litigation

In its April 27 Weekly Update, the Financial Industry Regulatory Authority’s (“FINRA”) National Cause and Financial Crimes Detection program urged FINRA member firms to review a cyber-threat alert arising from Russia’s invasion of Ukraine.

The Cybersecurity and Infrastructure Security Administration (“CISA”) issued an April 20, 2022, Advisory warning of increased Russian state-sponsored and criminal cyber threats in retaliation for Western support for resistance to Russia’s invasion of Ukraine. The cybersecurity authorities of Australia, Canada, New Zealand, and the UK issued the Advisory jointly.

The Cybersecurity Advisory warns of distributed-denial-of-service (“DDoS”) attacks and deployment of malware against critical infrastructure organizations and assets. The Advisory details prior identified Russian state-sponsored cyber attacks and threat actors.

The Advisory urges critical infrastructure organizations to prepare for and mitigate these potential cyber threats by immediately:

• Updating software, including operating systems, applications, and firmware on IT networks;
• Enforcing multi-factor authentication and password hygiene;
• Securing and monitoring remote-desktop protocol access;
• Reinforcing end-user awareness and training; and,
• Moving toward network segmentation.

The Advisory goes on to reiterate existing guidance on:

• Incident Response Planning;
• Identity and Access Management;
• Protective Controls and Architecture;
• Vulnerability and Configuration Management;
• Incident Response Reporting.

CISA Alert No. AA22-110A (April 20, 2022) may be found on the CISA website.

Thomas K. Potter, III (tpotter@burr.com) is a partner in the Securities Litigation Practice Group at Burr & Forman, LLP. Tom is licensed in Tennessee, Texas, and Louisiana. He has over 35 years of experience representing financial institutions in litigation, regulatory, and compliance matters.