Search

COVID-19 and Cybersecurity – Remote Access Services

20-0100
Type: Education Notice
Distribute internally to:
Corporate Finance
Credit
Institutional
Internal Audit
Legal and Compliance
Operations
Registration
Regulatory Accounting
Research
Retail
Senior Management
Trading Desk
Training

Contact:

Suzanne Lasrado
Senior Manager, Financial & Operations Compliance
Telephone:
416-943-5880
Email:
Email
Ryan Li
Director, Information Security
Telephone:
416-943-5890
Email:
Email

This Notice is for IIROC Dealer Members who use remote access services (e.g. Virtual Private Network – VPN, remote desktop, etc.) to support work from home arrangements.

Over the last couple of months, IIROC has issued Notices to firms and to advisors and employees to alert them to increased cybersecurity threats related to the pandemic.

We continue to see evolving cybersecurity threats, this time related to the use of remote access services with attackers increasingly targeting and exploiting its vulnerabilities.

Background

Remote access service vendors have advised that potential vulnerabilities are being leveraged to gain access to internal networks of various organizations. Attackers have been observed actively scanning for vulnerable configurations. Once access is gained, attackers can remain undetected and will look to obtain additional privileges to launch future attacks such as ransomware or data exfiltration.

What to do?

Firms must continue to apply general security precautions and actions to all computing resources with vigilance to external facing components such as remote access services.

We strongly recommend that your Information Technology department or services provider does the following:

  1. Patch all systems – ensure security patches and secure configurations are applied in a timely manner according to vendor recommendations.
  2. Monitor network environments – continue to monitor your environment for any anomalous behaviour (e.g. brute force attacks, irregular login/network activity, etc.). Take immediate action including password resets for any suspected breaches.
  3. Implement multi-factor authentication (MFA) – ensure MFA is implemented and enforced for all users when logging in from an external network.
  4. Install anti-virus/anti-malware solutions and updates – ensure anti-virus/malware tools are in place and up to date with the latest indicators of compromise on servers, end points, and network.

Other resources

Further information and resources on managing cybersecurity threats, including guides and webinars, are available on IIROC’s cybersecurity site.

Welcome to CIRO.ca!

We have a new look! Today is the first day you can find the Canadian Investment Regulatory Organization (CIRO) at CIRO.ca with our fresh look and feel.

You can now find new publications published by CIRO since January 1, 2023 on CIRO.ca. If you are looking for past notices or bulletins published by MFDA or IIROC, you can find those on our legacy websites. Enforcement related content will continue on those websites as well.

You can now find previous Annual Reports and Enforcement Reports on CIRO.ca, along with Halts and Resumption, and our ePublications sign up (for all previous MFDA and IIROC subscriber lists).

We will continue moving items off MFDA and IIROC in 2023/2024. Stay tuned for future updates.

Visit the Canadian Investment Regulatory Organization website

In this section