Good afternoon —
Last week we reported on the ransomware attack on Cloudstar, a cloud services provider for many title and settlement companies. We've reached out to title companies, lenders and trade groups to understand the impact, but it's still unclear how many closings were ultimately affected. (Understandably, some companies are reluctant to discuss if their business was impacted.)
Cloudstar's internal investigation is ongoing but their latest update isn't much changed from their initial statement: "We are continuing to work around-the-clock in partnership with third-party cybersecurity experts to prepare to reconnect as many of our customers as possible with their data as quickly as we are able to. Due to the extensive nature of this attack, we are still unable to provide a definitive restoration timeline. We are still in contact with law enforcement and are working diligently with our customers to keep them informed and help them continue their business operations as best as possible."
Clearly, 10 days later, the attack is still not resolved, which is what makes ransomware attacks so pernicious.
Fitch Ratings — which does not rate Cloudstar — noted that this incident "highlights the risk within not only the title industry, but all industries, of a potential cyber event and the impact of a single point of failure (SPoF) within the system."
Fitch went on to say: "The infection of a SPoF is called a 'force multiplier' meaning it creates a significantly larger event than attacks that infect a single system. Other recent examples of key vendors that represent a SPoF are SolarWinds, Microsoft Exchange Server, Pulse Secure VPN and Kaseya. As vendors and suppliers emerge with significant market share, their efficiencies in costs and time can be beneficial for their clients, but their downtime can have a disproportionate impact on an industry."
Attacking a key provider for title and settlement can disrupt the larger mortgage ecosystem and could also provide entry into other systems. Ransomware attacks are rampant — 4,000 attacks happen daily in the U.S. — and financial institutions are a favorite target. But big banks have hardened their defenses, making it more profitable to go after third-party service providers.
Cloud services providers are especially attractive. "Financial entities aren't the only concern; nonfinancial third-party providers, such as cloud services companies, electric utilities and data storage services could have great impact on financial services if wiped out," the New York Times wrote recently.
We'll keep you updated on any progress at Cloudstar. In the meantime, stay safe.
Until next week —
Sarah Wheeler
HousingWire Editor in Chief
EmoticonEmoticon