Attachment Issues


The last few years have been a whirlwind of activity and excitement for the Title and Settlement industry. We have all witnessed once in a lifetime events, both hopeful and challenging alike. Yet, the settlement industry continues its record breaking advance at a breakneck pace. With the ongoing housing market boom, the title and settlement industry has only hastened its relentless pursuit of a technological overhaul in order to facilitate the requisite business efficiencies required of such progress. Frankly, the “writing has been seen upon the wall” and companies across the industry increasingly clamor to jettison their dusty filing cabinets and fax machines. More and more frequently, it seems every bit of data is digitized and accelerated around the world at the speed of light, exchanged, crunched, converted, and analyzed by the latest algorithms.

And then, at last, our industry was visited by an unlucky fate suffered by many other sectors who had previously dove headfirst and whole heartedly into the brave new world of tech.  That fate? Pirates. Tech savvy pirates…a.k.a., Ransomware hackers. Alas, with every great advancement and new achievement comes the other side of the doubloon, enhanced capabilities and evolving opportunities for those looking to do wrong by others.   

On July 16, 2021, hosted software and encryption company, Cloudstar, was unfortunately struck by a Ransomware Encryption attack. As of the writing of this blog, Cloudstar has not fully recovered, though they are providing updates on their website. According to The American Land Title Association, (ALTA), Cloudstar hosts over 42,000 users through its six data centers across the United States. While companies working on Closing transactions nationwide were left scrambling to find other means to proceed, Cloudstar, as well as several of their competitors are admirably reaching out to provide as much help as possible to facilitate real estate transactions. The sum demanded by Hackers has not been publicly released at this time. 

But Who is Talking About it?

Interestingly enough, outside of industry specific sources such as October Research’s The Title Report and ATLA’s News You Can Use, very few media waves have been made about the Cloudstar hack. To some degree, Ransomware attacks have maybe become all too common of an occurrence, though just two months prior there was a widely hyped incident at Colonial Pipeline that may have sucked up most of the oxygen on the subject. Over the last five years, hundreds of stories have come out about schools, hospitals, local governments, and dozens of other industries being targeted by Ransomware attacks, each playing out in a relatively similar fashion. 

How it Works in a Nutshell

It typically goes like this: on a random mundane day, an unsuspecting employee attempts to login or access company data, only to be greeted with an ominous pop-up notice that copious amounts of sensitive data and/or systems have been frozen by malicious software. Victims are provided with a ‘ransom’- an amount to be paid, often in cryptocurrency like Bitcoin. Victims are even offered assistance with the Bitcoin purchasing process, including detailed instructions to complete payment. Threats are often included, and in many cases, the victim’s data is not only encrypted, but also downloaded with the threat of bad intent. For example, besides potentially never retrieving company data, said information, be it medical records or sensitive customer financial information may be posted on the dark web for others to exploit.

Not all of these hacker groups are completely heartless. In fact, those individuals responsible for the aforementioned Colonial Pipeline attack posted a “Code of Ethics” where they outlined their mission as nonpolitical and promised that they would never target hospitals or other such sensitive companies. The hacker organization responsible also comforted victims by letting them know that detailed accounting studies were conducted on their financials and the ransom amount was set at a fair and affordable figure. They also sympathetically reassured victims regarding their dedication to provide detailed, hands-on tech support walking them through the process of decrypting their data once paid.  Honor among thieves, right?

Tough Choices are Made

Sadly, in all probability, Ransomware attacks are not going anywhere any time soon. Moreover, laws are being discussed that would make it illegal to simply pay ransoms and instead require victims to first contact the FBI. In some cases, companies may have far greater fear from negative market sentiment if it comes out that they have fallen victim to such an attack. Some organizations may prefer to pay out a large ransom rather than have the market lose faith in their data security capabilities. No one really likes losing control when it comes to huge, irreversible decisions. On the other hand, one major reason that these laws are being considered is if too many companies simply roll over and quickly ‘pay up’, this may actually encourage future Ransomware attacks.

What Can You do to Help Protect Your company?

Legislation aside, the real answer to dealing with Ransomware is likely more along the lines of prevention. It seems that Ransomware hacking groups typically cast extremely wide nets looking for weaknesses and targeting the distracted, unknowing, or uninformed end-user. By understanding your organization’s perceived data weaknesses, you and your company can upgrade your systems and properly inform your team. Internationally acclaimed Cyber Security firm Kaspersky provided the following outline of vulnerabilities to fix and hints to avoid becoming a victim of an encryption attack.

Security vulnerabilitiesFactors that might make you the target of a Ransomware attack.

  • The device used is no longer state-of-the-art
  • The device has outdated software
  • Browsers and/or operating systems are no longer patched
  • No proper backup plan exists
  • Insufficient attention has been paid to cybersecurity, and a concrete plan is not in place

Protection against RansomwareActions to take to prevent an infection.

  • Never click on unsafe links
  • Avoid disclosing personal information
  • Do not open suspicious email attachments
  • Never use unknown USB sticks
  • Keep your programs and operating system up to date
  • Use only known download sources
  • Use VPN services on public Wi-Fi networks

As laid out above by Kaspersky, the best current solution to combat a Ransomware threat appears to be preparedness and education. You too can work to make your company a smaller target by keeping your systems up to date and regularly backed up while ensuring employee diligence when it comes to unfamiliar attachments and links.

In the End

Hacking groups tend to go after low hanging fruit. They acquire robust lists of emails and send out bulk messages with malicious links and attachments and then sit back and wait for their traps to spring. They analyze and sort those companies that have been compromised and then choose the juiciest targets to extort. 

The Title and Settlement industry finds itself fighting over a tight pool of experienced, tech-savvy individuals as almost every company is rushing to enter the interconnected world. That pool grows larger every day as employees learn and practice with new systems and the next generation of computer savvy employees enter the work force, primed to excel with any new tech. 

Properly ensuring that all employees have at least a basic level of computer aptitude may become a standard litmus test when hiring in 2022 and beyond. In the meantime, providing employees with additional tech education or encouraging and rewarding them for seeking it out on their own can be an excellent safeguard against not only Ransomware, but numerous other online threats that any modern company is destined to face. As tech advances, so does the need for security and thus the importance of knowing thy enemy. Every office has those few employees constantly searching for the “Any Key” who may struggle to make it through the week without a visit from IT support. These are the guards that swing open the city gate and help wheel in the giant gift horse. Getting those individuals up to speed is step one to staying ahead of the looming Ransomware threat.