Semperis comments on LoanDepot breach

As yet another mortgage company in the US suffers a cyberattack  we ask cybersecurity

expert Dan Lattimer, Vice President UK & Ireland, Semperis (www.semperis.com) for his views.

“With LoanDepot’s recent disclosure of a cyber incident it suffered, it is yet another reminder that the mortgage and loan industry has been in the crosshairs of cyber threat actors for quite some time.  While details of the attack on LoanDepot are scant, they have most likely suffered a ransomware attack.  In addition, Fidelity National Financial, LoanCare and Mr Cooper all suffered recent cyber breaches, proving the harsh reality of the daily fight organizations face protecting proprietary data.”

“Today, most of the global heavyweights in the mortgage and loan industry deploy fairly robust security strategies to protect sensitive data.  Unfortunately, persistent threat actors will target certain companies and look for gaps in their security architecture until they find a weak spot.  In addition, age old phishing scams are still highly effective in breaching organizations, as hackers send emails to a wide set of employees within a company and wait until someone inadvertently clicks on an attachment with malicious software code.”

“While persistent threat actors will eventually breach a target, what happens next is the deciding factor in whether the illegal activity turns into a material loss, causes business disruptions, and ends up making news headlines.  Organizations need to take the initiative to the attackers and improve their resiliency.  Cybersecurity is a combat sport and not for the faint of heart. For instance, take the ransomware scourge.  No one can pay their way out of ransomware.  Preparing in peacetime is the key and if you find out about the attack because the criminals sent the ransom note, it is too late.”

“Securing identity systems is one of the most crucial components in an organization’s risk management program, and when Active Directory (AD) services within the identity system are compromised, the hackers have been given the keys to the kingdom and are free to siphon vast amounts of proprietary data.”