The buy market could exacerbate mortgage lenders’ cybersecurity vulnerabilities
Cyberattacks have been on the rise in recent weeks as sanctions on Russia push its economy to the ground. breaking pointand mortgage lenders may have unique vulnerabilities.
Cybersecurity experts have said in interviews that over the past two weeks cyberattacks targeting the financial sector, which can be traced in part to Russia, have been higher than usual.
Rick Hill, Vice President of Industry Technology at Mortgage Bankers Associationsaid the loan is an essential part of the country’s infrastructure, which is one of the reasons it is more likely to come under attack.
“We urge our members to remain extremely vigilant against attempts to breach their systems through phishing and other attack methods,” Hill said.
The MBA warned in a Publish published in early March that third-party vendors and contractors used by lenders could be “potential avenues for these attacks.”
John-Thomas Gaietto, Chief Security Officer digital silencesaid the mortgage industry should be on guard, in light of a “massive increase in [cyberattacks] over the past four to five weeks.
Gaietto said Russian-linked hackers often gain access to an organization’s network through phishing and embed themselves on a company’s server. He also said warehouse lines of credit, which non-bank lenders rely on to fund loans, are particularly vulnerable to attack.
The hackers are “able to withdraw money from this warehouse line that could have been used to fund loans and then monetize it for their purposes,” he said.
Mitch Tanenbaum, Partner at CyberSecuritya cybersecurity consulting firm, said the easiest way for unscrupulous actors to gain access to financial institutions, including mortgage lenders and services, is through phishing schemes.
“They’ll send out a million emails or they’ll scan a million IP addresses,” Tanenbaum said. “They will look for vulnerabilities. And guess what, they’ll probably find one.
State financial regulators have also sounded the alarm over cyberattacks. the New York Department of Financial Services last month warned state-chartered banks it oversees of the risk of cyber retaliation from Russia.
“The Russian invasion of Ukraine dramatically increases cyber risk to the U.S. financial sector,” NYDFS Superintendent Adrienne Harris, wrote in a February letter to the banks. “The escalation of tensions between the United States and Russia also increases the risk that Russian threat actors will directly attack U.S. critical infrastructure in retaliation for sanctions or other actions taken by the U.S. government.”
The NYDFS warned that financial institutions should “review their programs to ensure full compliance, paying particular attention to basic cybersecurity hygiene measures such as multi-factor authentication, privileged access management, vulnerabilities and disabling or securing access to the Remote Desktop Protocol”.
the Cybersecurity and Infrastructure Security Agencyalso recently updated its website to highlight current cybersecurity threats. The federal agency said that following the sanctions imposed by the United States and its allies on Russia, every organization must prepare to respond to disruptive cyber activity.
As interest rates rise and spreads compress, the transition to a buy market may also lead to diminished defenses against cyberattacks.
Gaietto said that in such an environment, LOs could be more susceptible to cyberattacks, as they would rush to close a loan quickly and be less attentive to what they clicked on.
In a lending environment “when there’s a strong sense of urgency on the loan officer side or on the consumer side, it’s very easy to fool people with fake emails,” Gaietto said. .
One of the challenges in assessing the extent of cyberattacks is the reluctance to disclose when an incident occurred. Mortgage industry players rarely give details when they are the target of cyberattacks, in part because they don’t want to alert customers or give competitors an opportunity to poach their customers.
However, in July 2021, cloud stara leading title industry cloud service provider, said it suffered a ransomware attack, which prevented countless loans from being closed.
At the time, the cloud service provider said its systems were inaccessible and there was no definitive recovery schedule. Cloudstar, in a October 2021 post, said a forensic investigation and data recovery efforts by Tetra Defense, a company assisting with recovery efforts, have been completed. The message did not explain who was responsible for the attack or how many customers it affected.
Cloudstar did not return a request for comment.
Gaietto predicted that the threat of cyberattacks, to the mortgage industry in particular, is here to stay. For some companies, the cost of prevention may eventually become too much to bear.
“We continue to see these threat actors change and adapt, and they’re always one step ahead of us,” he said. “I think the volume of attacks will increase, the monetization and impact of these events will increase. We will reach a potential tipping point where the cost of prevention will outweigh the valuation of some organizations based on their size.