The digital threat landscape for mortgage companies is enough to unnerve the most stalwart IT professional. Reviewing threat alerts is part and parcel of asking yourself the question, can you defend your mortgage company from ALL of today's threats? Well, we're here to help. Here are three tips that might just aid you on your way.
Today's mortgage companies do more and more business online. To monitor your company’s IT security means monitoring multiple platforms of threat alerts. On an ongoing basis, mortgage companies need to be diligent with understanding the following as they relate to your everyday operations:
A sophisticated malware campaign that threatened company IT networks with multiple intrusions has been doing so since April of 2016 . These cyber criminals have stolen administrative credentials, certificates, and then made multiple implants of several types of malware that attack critical IT systems. The campaign targeted multiple victims across multiple sectors. Depending on what security defenses are in place on a targeted organization's networks, the cyber criminals may gain full access to the organization's network, including the data stored there.
Additionally, because the malware uses stolen administrative credentials, a target's monitoring tools—put in place to protect its networks—may view the intrusions as coming with authorized access. This will unfortunately circumvent security protocols, as the incoming threat will not be recognized as such. What’s the moral of this story? If you’re going to have tools, make sure they’re smarter than the threats that can trick them.
Sectors targeted include Information Technology, Energy, Healthcare, Public Health, Communications and Critical Manufacturing. While these are some of the more commonly affected industries, no industry is truly safe.
The United States Computer Emergency Readiness Team issued Yellow Threat Level Alert (TA17-117A) with respect to this particular campaign.
The following tools are available to help fight malware intrusions.
Remember the recent WannaCry ransomware attack? Experts can all mostly agree that being proactive with your threat management is the best way to avoid threats. Also, having tools in place create a far more ideal outcome for your company than waiting for an attack to happen and then doing something about it.
To find out how ABT can help your mortgage company put up the good fight against the seemingly endless security threats, contact us. ABT has many recommended practices in place, such as website filters, app whitelisting, password policies, account control (limited admin access for users), workstation management (DeviceGuardian™ for major clients) server patching, change control, and network firewalls. Having ABT's Mortgage Technology Experts on your side helps you leverage all of their tools. ABT has over 50 years of IT management in the mortgage sector and we will help secure your mortgage company beyond the banking standard.