In a session that might have been titled “Scared Straight about Cybersecurity,” WFG National Title Insurance Company offered the 500 title agents attending its Spark22 event in March a sobering assessment of the threat cyber criminals pose to our industry.
The reaction was so impassioned that the session was recorded to launch Cyber 411, a new monthly video podcast. Each episode will feature an interview with Bruce Phillips, CISSP / SVP & Chief Information Security Officer with WEST, a Williston Financial Group company. Episodes will be posted on the second Tuesday of each month.
In that first Cyber 411 podcast, posted in April and available here, Phillips is interviewed by Brian Nachlas, a former Marketing Technology Director with WEST. The next episode will be taped in front of a live audience on May 11th in Detroit during WFG’s first regional Spark event.
An ongoing call for commitment to security
WFG has long raised concern for greater awareness of the real danger of cybercrime. In a February The Title Report article, WFG Founder and Executive Chairman Patrick F. Stone ranked cybersecurity as the number one area of concern for the title industry in 2022.
"If you can't assure your clients that you have good cyber security," Stone warned, “you can lose clients … and find lenders are going to be less willing to work with you."
Since WESTprotect’s creation in 2015, Phillips has been posting blogs and alerts on the westprotect.com website, tracking the evolution of the threat from hacking and social engineering, to mail fraud, ransomware, and now cyberextortion.
To get started with a firm foundation in the subject, Nachlas asked Phillips to define cybersecurity and explain why it matters to WFG’s title partners.
Phillips, the primary source for The Title Report’s February feature “When Title Becomes the Target,” told the audience that, while in the physical world we may know where the greatest danger awaits, the greatest peril in the cybersphere is invisible and undetectable.
“We run our businesses on the internet, which is a great tool for good,” he said. “But it is also the greatest tool for evil. When you get on the internet, you don't know who's lurking around the corner looking for weaknesses or vulnerabilities in your business.”
Title agents have become a primary target in the past few years, he stressed, because criminals have learned that this is an industry that moves large sums of liquid funds quickly with limited safeguards and security training.
Phillips identified the 2021 cyberattack on Cloudstar as a turning point.
“It marked the first time that, rather than one company singled out for an attack, the attack was against the service provider,” he said. “So instead of getting a single company’s data, the hackers got everyone's data.”
While inside the Cloudstar system, which affected more than 140 title companies, the criminals realized that these companies provided one-stop-shops for identity theft.
“If I want to steal someone's identity, the easiest way to do it is break into a title company and get all of their customers’ information,” Phillips said. “Now I have everything I need. That's really when the cybercriminal world realized how much of other people’s money was being held by title companies. Attacks now use phishing, technology, and vulnerabilities stolen from the NSA that allow them to invade a network that has been configured incorrectly.
“It was a big shift last June and July,” he added. “It really elevated title’s status as a target for cybercriminals.”
The exception to the disaster rule
Phillips told of one company that was pulled back from the brink by a matter of hours.
“One Saturday morning I received a call from the owner of a title company in Florida,” Phillips began. “Criminals had compromised their usernames and passwords, identified their bank, logged in as the wire initiator and initiated five wires. They then logged in as the approver of wires and approved them.”
Next, the intruders wired out “a whole lot of money” hoping nobody would notice.
“Fortunately,” he continued, “one of the owners had logged in and noticed that his bank account was empty. After contacting the bank and starting an investigation, he reached out to his WFG rep, who directed him to me. We were able to get the money back through industry contacts I have. We reached out to the last bank holding the money, and by offering some really interesting things that I won't talk about, my counterpart at the bank leaned on his company to get the money back.”
By this point, however, every dollar from the company’s escrow account was gone.
“It wasn’t that they couldn't close a transaction, they could not close on any transaction. It wasn’t clear that the company could survive,” he said.
Then, by Tuesday afternoon, four hours away from its going out of business, the company’s funds were retrieved.
“Four hours away from going out of business!” Phillips repeated. “And this was only five days into the event. All because they didn't understand how to properly secure their network and their email. Criminals had been in their network, reading their emails, understanding the processes that they had in place so that they could then initiate and approve wires when they felt like it.”
Today’s criminals are probing through networks trying to find a way to get in and, once they get in, they create a foothold and are able to do what they want.
The best offense can only be strong defense
Phillips told his audience that they need to test themselves, to understand what their limits and risks are, and then determine how they can reduce those risks. To illustrate, he described what a service like WESTprotect provides.
“Number one is to understand your risks,” he began. “Cybersecurity is one more business risk, and it is understood by doing risk assessment of your business. We run a quick start cybersecurity risk assessment for you to guide you through creating your plans, your processes and procedures so that when it happens to you – notice I said when it happens to you, not if it happens to you – you'll be able to recover from it, or at least reduce the effect of it.”
To view the inaugural episode of the WESTprotect Cyber 411 video podcast, click here. For more information on WESTprotect, visit westprotect.com.
wfgblocks.com
About WFG National Title Insurance Company
WFG National Title Insurance Company is a national underwriter and full-service provider of title insurance and settlement services for commercial and residential transactions. WFG leverages innovative technology solutions to facilitate increased transparency and engagement, reduce expenses and enhance operational efficiency, creating a better experience for all transaction participants. WFG’s Agency network includes more than 1,700 independent title insurance agents in 49 states.