The FBI’s Internet Crime Complaint Center (IC3) 2021 report released in March highlighted an “unprecedented increase in cyberattacks and malicious cyber activity” resulting in a dramatic escalation in financial losses.
In 2021, IC3 received 847,376 complaints from consumers and businesses – a 7% increase from 2020 – with potential losses exceeding $6.9 billion. Most significantly for the title insurance industry, business email compromise (BEC) schemes resulted in losses of nearly $2.4 billion, up 33% from 2020.
In its report, the IC3 identified Russia as a hot spot for cyberattack actors in 2021. In recent weeks, the risk of those cyberattacks has grown exponentially in retaliation for the many sanctions imposed on Russia following its invasion of Ukraine on Feb. 24.
On March 21, President Biden released a statement highlighting the imminent threat to our nation’s cybersecurity. That same day, Deputy National Security Advisor Anne Neuberger said in a press briefing, “We’ve previously warned about the potential for Russia to conduct cyberattacks against the United States, including as a response to the unprecedented economic costs that the U.S. and allies and partners imposed in response to Russia’s further invasion of Ukraine. Today, we are reiterating those warnings, and we’re doing so based on evolving threat intelligence that the Russian government is exploring options for potential cyberattacks on critical infrastructure in the United States.”
These imminent threats are a reminder of how important it is to take the necessary steps to protect your agency and your customers.
Alliant National has just released a white paper titled Escrow Fraud/Social Engineering: Recent Schemes and Prevention Tips to provide our agents with information, risk factors and protocols that will help you partner with consumers, real estate agents and lenders to defend against the fraudsters.
In addition, the Biden Administration released a Fact Sheet, urging companies to take immediate steps to protect their systems, including:
- Mandate the use of multi-factor authentication on your systems to make it harder for attackers to get onto your system
- Deploy modern security tools on your computers and devices to continuously look for and mitigate threats
- Check with your cybersecurity professionals to make sure that your systems are patched and protected against all known vulnerabilities
- Change passwords across your networks so that previously stolen credentials are useless to malicious actors
- Back up your data and ensure you have offline backups beyond the reach of malicious actors
- Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack
- Encrypt your data so it cannot be used if it is stolen
- Educate your employees on common tactics that attackers will use over email or through websites
- Encourage employees to report if their computers or phones have shown unusual behavior, such as unusual crashes or operating very slowly
- Engage proactively with your local FBI field office or CISA Regional Office to establish relationships in advance of any cyber incidents
The Biden Administration also encourages IT and security leaders at all companies to visit the websites of CISA and the FBI to access technical information and other useful resources. These heightened threats represent a clear and present danger for all of us. We encourage all of our agents to download the Alliant National Escrow Fraud/Social Engineering today and share this information with your staff and customers.
Cyber fraud, social engineering and wire fraud attempts are on the rise again. We’re sharing in-depth information to help you protect your business.
First published in 2017 and fully updated by Alliant National’s Compliance, Risk and Education teams, the paper provides information, tips and suggestions to help you better understand the current threat environment and create a comprehensive plan that addresses the realities we face in our industry.
Time to assess cyberattack risk in light of Ukraine invasion
The paper’s release comes at a critical time as U.S. businesses brace for potential cyber warfare corresponding with recent violence in Europe. The Department of Homeland Security (DHS) issued a bulletin in January warning of the increased risk of cyberattacks in the U.S. as Russia was poised to invade Ukraine.
“We assess that Russia would consider initiating a cyberattack against the Homeland if it perceived a U.S. or NATO response to a possible Russian invasion of Ukraine threatened its long-term national security,” the agency said in the bulletin released to law enforcement partners and obtained by The Hill.
In response, the American Land Title Association warned in a recent blog that the risk of spillover cyberattacks against non-primary targets could become much more widespread.
2022: Growth of BEC/EAC
Against this backdrop of international tension, Alliant National agents continue to report an increase in attempted wire fraud schemes. These attacks are part of a growing fraud threat targeting businesses of all sizes and the general public.
The FBI refers to this threat as Business Email Compromise/Email Account Compromise (BEC/EAC). BEC/EAC fraudsters focus on organizations that perform wire transfers, making real estate especially vulnerable.
According to the FBI Internet Crime Complaint Center’s (IC3) most recent report, the center received a record number of complaints from the American public in 2020: 791,790, with reported losses exceeding $4.1 billion. This represents a 69% increase in total complaints from 2019. Business Email Compromise (BEC) schemes continued to be the costliest: 19,369 complaints with an adjusted loss of approximately $1.8 billion. Phishing scams were also prominent: 241,342 complaints, with adjusted losses of over $54 million.
Protect Your Agency
Given the increased incidence of BEC/EAC scams and ransomware attacks over the past several years, it is imperative that prevention be addressed at every level. State and federal entities, as well as most of the top tech companies are creating alliances and workgroups to stem the tide.
Title insurance companies and agents also have a role to play. Given the current nationwide threat, we encourage all agents and their staff to remain on high alert for attempted fraud, particularly when it comes to seller proceeds. We also urge agencies to remain vigilant regarding possible attempts to obtain consumer or employee PII.
Here are some immediate steps to consider:
- Identify the risks your agency faces and make sure your systems are protected
- Maintain strict policies and procedures for verification of wire instructions
- Educate your staff and consumers about what to do when they suspect fraud
- Establish protocols to quickly detect fraud and recover diverted funds
- Obtain appropriate insurance, including Cyber Liability coverage
Cyber Security is Mission Critical
There is nothing more important than protecting our clients’ funds and personal information. It is mission critical for a title company to make security its highest priority in 2022. You can begin today to assess your systems and educate your staff to make sure every possible precaution has been put into place. We hope our Escrow Fraud/Social Engineering White Paper will be helpful in this work.
In addition to the release of the White Paper, Alliant National will provide updated materials throughout the year to help agents understand and respond to the threat environment we face. Of course, we’re always ready to discuss the threats we are seeing, and steps you might consider for your business. Feel free to reach out to your agency representative, or any member of the Alliant National team.
Digital file-sharing is a normal part of business, but don’t let down your guard
Today you can send almost any type of file through the internet. Digital repositories to receive or send data are a standardized feature of many office-based workplaces. In each one of our pockets, there is a cloud-connected device continually backing up our files, notes, pictures and texts.
While this technology is incredibly convenient, offering a streamlined way to share personal or professional information, it can still carry a security risk. If you don’t protect your files, there is the possibility someone could access or hack your business’s personal details. In this blog, we will discuss different ways to stay safe while sharing your files.
P2P File Sharing: What Are the Risks?
Whenever you engage in peer-to-peer (P2P) file sharing, you are opening yourself to potential security risks. From difficulties in tracking what becomes of your files to the elevated threat of malware, you can’t be too careful when sharing sensitive information. Downloading files also often results in significant traffic over a network, potentially reducing the availability of select programs on your computer or access to the internet itself.
With the inherent risk to P2P systems, how can you protect yourself? While nothing can completely eliminate risk, there are several strategies for more securely sharing files. First and foremost, there is anti-virus software, a type of software specifically designed to recognize, sequester and eliminate threats. Keep in mind that bad actors are constantly creating new viruses, so you can’t have a set-it-and-forget-it attitude. Use due-diligence and keep your anti-virus program current to maximize the amount of security it offers.
It is possible to apply an additional level of security by adding password protection to your files. Modern software programs make this easy to implement. For instance, Microsoft Word offers a step-by-step guide for how to attach an encrypted password to your documents.
The next method is to use encryption. By encrypting your files, you will always be able to keep your folders safe. Typically, encryption is accomplished with algorithms such as ECDH. You will want to ensure that encryption is part of any file sharing service you pursue for business purposes. And luckily, there is a wealth of information out there to help you vet potential providers.
Email is another common way that files get transferred, and it is highly important to secure these electronic communications. A frequent technique of email hacking is phishing. Stay alert when exchanging emails with anyone you don’t know. There are also specific email settings to keep the attachment of an email completely protected. Finally, many anti-virus software programs will scan all your emails and check whether they are infected or not.
You Can Never Be Too Careful With it becoming ever easier for people to connect, communicate and collaborate, one can occasionally forget that safety must be prioritized to the same level as productivity and convenience. Yet there are plenty of easy steps one can take to bolster their security when sharing files. By implementing these best practices, you will fortify your data and files, and be able to safely leverage these technologies for greater business growth.
Ransomware attacks are on the rise. Don’t let yourself become a victim.
For anyone with a passing awareness of IT trends, ransomware is the hot topic of the day. From the Colonial Pipeline attack to the JBS Holdings attack, ransomware attacks are becoming more brazen, more destructive and more frequent. According to recent data, this cybercrime is expected to grow by a staggering 15 percent per year, until it reaches 10.5 trillion dollars in 2025. For comparison’s sake, the entire GDP of the United States in 2019 was 21.43 trillion dollars.
Of course, independent title insurance agencies are much smaller than a gigantic oil pipeline system or food processing company. But that doesn’t mean they are immune from being targeted by bad actors or that they will stay under the radar of cybercriminals by default. Smaller companies are also at risk and need to take steps to protect themselves and their operations from ransomware.
Here is what you need to know about this particularly destructive cybercrime.
What is Ransomware?
Ransomware is a type of malware. True to its name, it blocks access to systems, devices, files or data until a ransom is paid. It’s important to note, however, that there are many different variations of ransomware. There is crypto ransomware, where malware encrypts a system’s files; wiper ransomware, where it threatens to erase files; or locker ransomware, where it blocks access to a system entirely. Ransomware also often includes communication from the criminal, a demand for financial payment – typically in the form of Bitcoin.
How Do Ransomware Attacks Occur?
Ransomware is delivered in a variety of ways. Some of its delivery mechanisms can include malicious attachments or links sent in an email; a network intrusion; being dropped by another malware infection; or by being wormable, where it spreads laterally via flash drives or Windows shortcut (LNK) files.
Why Be Aware of Ransomware?
Ransomware is a chronic and escalating problem. Not only do attacks appear to be happening more frequently, but their impact is also growing. In 2019, for instance, ransomware tore through 750 government computers in Texas. Earlier in 2021, the Colonial Pipeline got shaken down for nearly $5 million in ransom. Also this year, the computer giant Acer was attacked, with the threat of actors demanding a $50 million payment – the largest known ransom to date.
The ransoms that follow these types of attacks are not the only losses these companies experience. Ransomware also results in significant downtime for a company, which can cause havoc for an organization’s bottom line, not to mention their brand and reputation.
How Do You Protect Yourself?
As with many cyber initiatives, developing an effective and robust defense against ransomware requires an all-hands-on-deck approach and strong organizational buy-in. It is imperative for companies to develop, implement and enforce cybersecurity policies across all departments. Such policies should include guidance and training for how to spot malicious emails and report suspicious activity. In addition, businesses can change default passwords at network access points, routinely apply software patches to keep systems current and segment networks to make it harder for a criminal to roam across your entire digital ecosystem.
Now is the Time for Action
With the prevalence of breaches and cyber-attacks, conducting business online can feel like the Wild West: you just never know what is going to happen. But there is truth in the adage that the best defense is a good offense.
With ransomware attacks growing in both size and scope, now is the time to take proactive, preventative action to discourage bad actors or make your enterprise more resistant to cybercrime. Nobody can eliminate the prospect of ransomware attacks. But by taking strong action before a problem arises, you will greatly reduce the possibility of being attacked and keep your operations running as smoothly as ever.
 The increase in ransomware attacks during the COVID-19 pandemic may lead to a new internet (theconversation.com)
 United States of America – Place Explorer – Data Commons
Over the weekend, cloud-hosting and data security provider Cloudstar fell victim to a sophisticated ransomware attack. Alliant National was not impacted, however the attack has affected many agents across the country.
As a valued partner of Alliant National please know that we will make every effort to assist you and your agency if you have been impacted by this ransomware attack. During this challenging time, we are being as pro-active as possible by contacting customers and offering assistance.
Major title software vendors including Qualia, RamQuest, and SoftPro are offering hosting services to those affected by the Cloudstar attack, and there are other third-party vendors that may be able to help as well.
We have provided Alliant National forms packages to the major escrow software providers so they can be loaded quickly and easily into your environment if needed. The National Operations Center of Alliant National is on standby should you need assistance issuing individual Closing Protection Letters outside of your operating environment. We have our agency teams standing by to help you find a closing solution should you need a closing done to mitigate your reputational risk. In short, if you have a need, please reach out today to your Alliant National contact.
Please know that Alliant National will do anything possible to assist you and your agency if you are affected by this attack.
Additional information about this industry wide outage can be found here.