As Russia’s attack on Ukraine continues, U.S. wealth management firms are vulnerable to cyberattacks emanating from Russia’s operatives, regulators are warning.

Even U.S. broker-dealers and registered investment advisory firms may be prime targets of the type of cyberattacks Russian operators have used to cripple Ukraine’s banking and government websites, the Department of Homeland Security said this week.

The Financial Industry Regulatory Authority and the Securities and Exchange Commission followed suit with notices asking firms to be on high alert for cyberattacks.

While there are no specific or credible threats to U.S. firms, authorities here are concerned that securities firms are prone to the same type of cyberattacks they say hobbled Ukraine’s banks and government websites on February 15 and 16.

Within two days of the attacks, U.S. agencies named spies from Russia’s Main Intelligence Directorate as the culprits.

Now regulators are asking wealth management firms to take precautions so that similar attacks don’t harm the securities industry here.

“Russia’s unprovoked attack on Ukraine, which has involved cyberattacks on Ukrainian government and critical infrastructure organizations, may impact organizations both within and beyond the region, particularly in the wake of sanctions imposed by the United States and our allies,” said the Cybersecurity & Infrastructure Security Agency, a unit of the Department of Homeland Security, on its “Shields Up” web page (cisa.gov).

“Every organization—large and small—must be prepared to respond to disruptive cyber activity,” the cybersecurity agency said.

The Cyber and Analytics Unit within Finra’s National Cause and Financial Crimes Detection program flagged both the FBI and “Shields Up” warnings about potential Russian cyberattacks targeting U.S. organizations—which they said are related to Russia’s destabilizing actions against Ukraine.

While smaller advisory firms may think they’re not worth Russian hackers’ time, they’re actually fair game. In fact, small businesses represent the majority of cybercriminal targets, according to Homeland Security.

At the same time, ransomware attacks—which allow hackers to disable a firm’s systems and seize prized data like financial records until a ransom is paid—have quadrupled in the U.S. since 2020, the agency reported.

To protect critical U.S. infrastructure, including the financial services industry, the Cybersecurity & Infrastructure Security Agency recommends firms take an active approach to cybersecurity issues. Specifically, they should:

• Quickly detect a potential intrusion;
• Ensure they are prepared to respond if an intrusion occurs;
• Maximize their organization’s resilience to cyber-incidents; and
• Immediately report them.

When these incidents “are reported quickly, we can use this information to render assistance and as a warning to prevent other organizations and entities from falling victim to a similar attack,” the agency said.

Finra said in its alert: “Implementing the recommended steps will assist your firm in protecting its critical assets, including confidential customer and firm information.”

The cyberattack warnings follow earlier reminders from Finra and the SEC about U.S. sanctions and their potential impact on investments.

“The U.S. government has imposed sanctions in response to Russia’s actions in Ukraine,” the regulator said. “Finra encourages member firms to continue to monitor the Department of Treasury’s Office of Foreign Asset Control (OFAC) website for relevant information.”

Finra also highlighted five major Russian financial institutions and the “Russian elites close to Russian President Vladimir Putin”—all now targets of the Treasury Department following an executive order from the White House.