SEC Seeks Court Order in Investigation of Chinese Cyberattack

March 16, 2023 by Tom Ramstack
SEC Seeks Court Order in Investigation of Chinese Cyberattack
U.S. Securities and Exchange Commission

WASHINGTON — A Securities and Exchange Commission investigation of a Chinese cyberattack is being opposed by some of Washington, D.C.’s biggest law firms.

The SEC says it is trying to investigate the extent of 2020 cyberattacks in the United States, such as the one that penetrated computer servers of Covington & Burling and 298 of the law firm’s corporate clients.

The law firm says it seeks to protect the confidentiality of its clients by refusing to turn over the information.

The dispute in federal court coincides with an SEC proposal on Wednesday of more stringent cybersecurity rules for corporations, particularly in the financial industry.

In one set of 2020 attacks, the Chinese government is accused of compromising data of pharmaceutical companies doing COVID-19 research to steal their data on vaccines, treatments and other intellectual property.

In addition to monitoring financial transactions of the largest U.S. corporations, the SEC is appointed by Congress to ensure their cybersecurity. They can face fines for lax cybersecurity.

The SEC issued a subpoena to Covington & Burling last year asking the firm to turn over the names of clients that might have been affected by a Chinese military cyber intrusion.

When Covington & Burling refused, the SEC filed a lawsuit in January asking the U.S. District Court for the District of Columbia for an order to enforce the subpoena.

Covington & Burling, along with 83 law firms that joined in an amicus brief, argue the information sought by the SEC is confidential information protected under the Sixth Amendment as attorney-client privilege.

Covington & Burling also said in a Feb. 14 opposition brief filed in the case that the SEC hid its true motives.

The SEC is conducting a “fishing expedition” to target the firm’s clients, “despite the absence of any evidence to suggest that those clients or anyone else violated the securities laws,” Covington & Burling said in its brief.

In addition, “The SEC has not pointed to any suspected violation; instead, it is using the threat actor’s wrongful access to Covington’s network as an excuse to rummage through protected information to which the SEC would never otherwise have access,” the firm said.

The SEC responded by calling Covington & Burling’s accusations “hyperbolic and exaggerated.”

Instead, the agency said, “The commission needs this list to fulfill its congressionally mandated mission of protecting investors and regulating the public securities markets. And the commission has subpoenaed Covington because Covington alone possesses this information.”

Joining the amicus brief for Covington & Burling were Big Law firms Morrison & Foerster LLP, Kirkland & Ellis LLP and Latham & Watkins LLP as well as the U.S. Chamber of Commerce.

In a related move, the SEC is considering proposals it calls resilience projects to protect financial industry customers, such as the ones hit by the collapse last week in California of Silicon Valley Bank and by the financial crisis of 2008.

The commission’s leading proposal would require financial brokers, dealers, investment companies and investment advisors to adopt written policies on responding to unauthorized access to customer information. It would include procedures for notifying anyone affected by the security breaches.

SEC Chair Gary Gensler explained the need for the new cybersecurity procedures by saying his agency “has a responsibility to help protect for financial stability.”

The lawsuit in federal court is Securities and Exchange Commission v. Covington & Burling LLP, case number 1:23-mc-00002, in the U.S. District Court for the District of Columbia.

You can reach us at [email protected] and follow us on Facebook and Twitter

A+
a-
  • China
  • cyberattack
  • law firms
  • SEC
  • In The News

    Health

    Voting

    Cybercrime

    October 7, 2023
    by Dan McCue
    Hackers Access DC Voter Records

    WASHINGTON — Hackers breached the District of Columbia's Board of Elections website on Thursday, gaining access to 600,000 "lines" of... Read More

    WASHINGTON — Hackers breached the District of Columbia's Board of Elections website on Thursday, gaining access to 600,000 "lines" of U.S. voter data, including D.C. voters reports, city officials said. Sarah Winn Graham, the spokeswoman for the board, said a hacking group known as RansomVC claimed... Read More

    July 18, 2023
    by Tom Ramstack
    Congress Told AI Holds Great Risks and Benefits for US Military

    WASHINGTON — Artificial intelligence experts warned Tuesday during a congressional hearing of ominous dangers for the United States if it... Read More

    WASHINGTON — Artificial intelligence experts warned Tuesday during a congressional hearing of ominous dangers for the United States if it falls behind in developing the technology but a bright future by taking the lead. One of the greatest risks would be defending against a foreign enemy... Read More

    May 17, 2023
    by Tom Ramstack
    US Prosecutors Indict Russian for Ransomware Attacks

    WASHINGTON — The Justice Department indicted a Russian citizen Tuesday prosecutors accused of ransomware campaigns that netted him and his... Read More

    WASHINGTON — The Justice Department indicted a Russian citizen Tuesday prosecutors accused of ransomware campaigns that netted him and his conspirators about $200 million in stolen payments. The victims were mostly in the United States. They included nonprofits, hospitals and police departments, such as the Washington,... Read More

    March 16, 2023
    by Tom Ramstack
    SEC Seeks Court Order in Investigation of Chinese Cyberattack

    WASHINGTON — A Securities and Exchange Commission investigation of a Chinese cyberattack is being opposed by some of Washington, D.C.’s... Read More

    WASHINGTON — A Securities and Exchange Commission investigation of a Chinese cyberattack is being opposed by some of Washington, D.C.’s biggest law firms. The SEC says it is trying to investigate the extent of 2020 cyberattacks in the United States, such as the one that penetrated... Read More

    T-Mobile Says Data on 37M Customers Stolen

    BOSTON (AP) — The U.S. wireless carrier T-Mobile said Thursday that an unidentified malicious intruder breached its network in late... Read More

    BOSTON (AP) — The U.S. wireless carrier T-Mobile said Thursday that an unidentified malicious intruder breached its network in late November and stole data on 37 million customers, including addresses, phone numbers and dates of birth. T-Mobile said in a filing with the U.S. Securities and... Read More

    December 5, 2022
    by TWN
    Philip Morris International Taking Proactive Role to Help Consumers Know, Fight Illegal Trade

    WASHINGTON — Illegal trade isn’t good. It’s not good for companies who depend on the revenue from their products to... Read More

    WASHINGTON — Illegal trade isn’t good. It’s not good for companies who depend on the revenue from their products to expand and add jobs, and it’s certainly not good for the consumers who unknowingly shell out considerable sums of money for knockoffs that ultimately fall far... Read More

    News From The Well
    scroll top