infosec-news January 2012 archive
Main Archive Page > Month Archives  > infosec-news archives
infosec-news: [ISN] SEC Push May Yield New Disclosures of Cyber

[ISN] SEC Push May Yield New Disclosures of Cyber Attacks on Companies

From: InfoSec News <alerts_at_nospam>
Date: Tue Jan 10 2012 - 07:48:56 GMT

By Michael Riley
Jan 9, 2012

China-based hackers rifled the computers of DuPont Co. (DD) at least
twice in 2009 and 2010, hunting the technological secrets that made the
company one of the world’s most successful chemical makers.

It’s not something investors would have learned from DuPont’s regulatory
filings, or from those of other companies victimized by hackers. The
10-K’s DuPont submitted to the U.S. Securities and Exchange Commission
over the period don’t identify hacking as even a significant risk, much
less reveal what two U.S. intelligence officials later said was a
successful case of industrial espionage.

Over the next three months, as publicly traded companies file 10-K’s,
investors may see new admissions of corporate networks being hacked
after the SEC said companies can’t continue to hold back the details of
those incidents.

As cyberspies from China, Russia and other countries ransack the
computer networks of one major U.S. and European firm after the next,
the SEC in October offered its new interpretation of disclosure
requirements as applied to cybercrime. The amount of information that’s
forthcoming will depend on whether company lawyers determine the
incidents had, or will have, a material effect on the enterprise.


Did a friend send you this article? Make it your
New Year's Resolution to subscribe to InfoSec News!