Ransomware Attack Could Impede Sales in Hot Housing Market | #malware | #ransomware


  • A major cloud-hosting provider for the real-estate title industry was struck by a ransomware attack.
  • Cloudstar said in a statement that “our systems are currently inaccessible” after the Friday attack.
  • Consequences for the residential real estate market include slowing or even halting transactions.

A

ransomware
hack has hit a key part of the red-hot residential real estate market, which could impede transactions including the buying and selling of homes.

Cloudstar, a cloud-hosting service used by many title insurance firms, confirmed to The Title Report that its services have been offline after a ransomware attack on Friday.

Cloudstar hosts the data for hundreds of title companies and lenders, as well as other regulated industries, across five data centers throughout the United States. “Title” is the legal right to ownership of a property; buyer-side title insurance, which protects against unknown issues in the title, is required by lenders before they will close on a mortgage and allow a property to formally change hands. 

The Cloudstar hack is a major logistical headache for title insurance companies and lenders, requiring them to grab data from other sources in order to verify titles and keep real estate transactions moving. Nicholas Chavez, a cybersecurity expert who is also the CEO of title company Silicon Title, estimated that given Cloudstar’s size, there are at least “decamillions” of active transaction value in its systems. The total “could possibly be as high as hundreds of millions or billions of dollars,” he added.

“If it’s been down before, it was down for maybe an hour, or a half an hour, never for very long,” said Mish Quadri, owner of Title Zen, a Florida company that processes title requests. “In my experience working with other companies, this is catastrophic.”

Plus, there’s the risk that confidential information gets leaked: Title transactions contain a range of sensitive and valuable personal details, including Social Security and bank account numbers. (A CloudStar press release said it is “too early” to know what data may be compromised.) In ransomware attacks like this one, criminals freeze computer systems by encrypting companies’ data so it can’t be accessed and then demand a ransom for the data. If companies refuse to pay or hesitate, cybercriminals sometimes extort companies by posting sensitive data publicly.

Cloudstar, which was still offline as of Tuesday, said on its website that “negotiations with the threat actor are ongoing.” The company said it could not provide “a definitive restoration timeline.” It also said in a statement posted on its website that it had informed law enforcement and was working with “third-party forensics experts Tetra Defense to assist us in our recovery efforts.” Tetra is a Wisconsin cybersecurity company that specializes in ransomware response. A Pennsylvania news outlet reported last year that Tetra helped a small municipality pay a ransom. 

“When an attack is on a service provider, the decision as to whether to pay becomes more complex and more pressing. It’s not only their business that has been disrupted, it may be their customers’ business too. The cost of business interruption can be enormous, as can the potential legal liability and, as a result, there can be significant pressure on organizations to end incidents quickly,” Brett Callow, a ransomware expert and analyst at the cybersecurity company Emsisoft, told Insider. 

Whether to pay criminals to release data is an agonizing decision for many companies. The federal government and cybersecurity experts strongly discourage paying off criminals out of fear that it perpetuates the crimes. But major companies have paid out: CNA Financial reportedly paid ransomware hackers $40 million. Colonial Pipeline’s CEO was called to testify before a Senate panel after he paid ransomware criminals.

The mounting pressure to end the Cloudstar shutdown and the course of action the company takes may be keenly watched. 

Sterbcow Law Group Partner Marx Sterbcow raised the possibility of a potential “national emergency” over the weekend, but told Insider that industry cooperation likely has averted the worst threat.

Title firms and software providers that weren’t impacted offered their services to those that were. Proptech unicorn and Tiger Global portfolio company Qualia offered three free months of its software. Still, many are stuck working manually to process title insurance requests, calling clients in order to fill in the gaps left by Cloudstar.

TitleZen is trying to move forward on upcoming closings that are already scheduled. Quadri said she expects her team to work “overnight” to keep transactions from failing without the data. 

“We have closings that are coming up, and have no information right now,” Quadri said. “We have to rebuild all of it, pull in all of the documents, create all new files, and pull in as much missing information as we can so that we can get these things back on track.”



Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

+ sixty six = sixty nine