While a digitized landscape has ushered in unprecedented convenience and efficiency, it’s also paved way for looming cyber threats to data security, with the recent incident involving Fidelity National Financial (FNF) being just the latest example.
South Carolina-based Blair Cato Pickren Casterline, LLC found itself adjusting on the fly in the wake of FNF’s situation, with attorney and co-founder Cynthia Blair helping her team keep business flowing.
FNF’s incident struck during a crucial software transition at Blair Cato, compounding challenges the agency faced.
“It was a real double whammy,” Blair told The Title Report. “We were in the midst of changing systems and lost communication with our software implementation team because our new software system is owned by FNF. Additionally, we had to communicate with our FNF and CTIC reps via their cell phones or personal Gmail accounts for not only underwriting questions but pulling CPLs and policy jackets. The attack also affected our integration with multiple underwriters as at least one of our other underwriters cut off its integration with our software in an abundance of caution.”
Details about the attack’s origin are not publicly known.
“I don’t have specific information on how the attacker gained access,” Blair said. “Speculation won’t help. What’s crucial is fortifying our defenses and staying vigilant.”
Amidst the chaos of the incident’s after-effects, Blair and company leaned on collaborative planning to salvage operations.
“We managed to continue our software integration despite the hurdles. We’ve been revising and fine-tuning processes, leveraging every resource available,” she said. “Cybersecurity threats are a top concern, akin to wire fraud. We strive to stay ahead, but it’s a constantly evolving battle.”
FNF has reported that any cybersecurity breaches have been contained and it’s moving forward with normal business operations. The incident was first reported in a Nov. 21 filing with the U.S. Securities and Exchange Commission.
While cybercrime operation ALPHV/BlackCat has claimed responsibility for the attack, FNF has not confirmed which group was responsible.
According to research firm Cybersecurity Ventures, cybercrime is expected to cost the world $8 trillion in 2023.
If it were measured as a country, then cybercrime would be the world’s third-largest economy after the U.S. and China, the report states.
Blair highlighted the human element in cybersecurity, acknowledging that educating staff remains paramount.
“The weakest link is often people, including ourselves,” she said. “We invest in IT protection and educate our team regularly. However, the landscape evolves, and staying informed is critical. Cybersecurity awareness varies across companies in our industry. Consumers should inquire about security measures from companies they engage with. Ask them about their contingency plans for cyber threats. Our disaster recovery plan constantly evolves to adapt to changing scenarios.
“During an email outage that we experienced a number of years ago, lack of information exacerbated our problems. Communication plans should be ready to deploy swiftly to reassure clients. Plan meticulously for such scenarios. Concrete steps must be documented, ensuring a clear roadmap during crises.”
According to CATIC’s 2022 cybersecurity report, the average ransomware payment was $228,000 across 832 reported incidents. Numbers have worsened this year with 1,378 attacks and an average ransomware demand of $5.3 million.
Other 2023 findings from CATIC include 50 percent of all real estate organizations being victims of ransomware in the past 12 months, with nearly half being targeted more than once.
Blair’s and her firm’s journey through this cyber upheaval serves as a testament to the intricacies and challenges faced by businesses confronting such threats. As she and colleagues continue fortifying defenses, they hope this experience can provide a blueprint for others encountering similar challenges.
“You simply have to have that backup plan for communication,” she said. “If you’re down for six hours, you can survive for about six hours. After that, it begins to get very, very problematic. You can notify the public about the issue via social media but not all of your customers or vendors engage with your company on social media. Using Gmail addresses can help (during a shorter down time) but after that, you’re really going to have to have some kind of structured plan to let your clients know.
“You want to be able to say, ‘This is what we need to do this is step one and this is who we notify. This is how we do that and this is the mechanism for doing that. My advice really boils down to including this contingency in your disaster recovery plan. You cannot just think about natural disasters, like a hurricane coming through, you have to build a breach situation into your plans, too. You have to expect it and always be ready.”