Join us on LinkedIn Follow us on Twitter Like us on Facebook
 
  OCTOBER RESEARCH STORE SUBSCRIBE LOG IN
AddControlToContainer_DynamicNavigation3
The Legal Description > News > Ransomware attack against Cloudstar indicative of new threat trend

Ransomware attack against Cloudstar indicative of new threat trend

Add This Email A Friend Printer Friendly Version
0 comments
Cybersecurity
Monday, July 19, 2021

Cloudstar discovered it was the victim of a highly sophisticated ransomware attack on July 16, 2021. Since then it has been working with a third-party forensics company to assist recovery efforts and has informed law enforcement.

“Cloudstar was recently the victim of a highly sophisticated ransomware attack. We have retained third-party experts to assist us in our recovery efforts and have also informed law enforcement,” Cloudstar President Christopher Cury told The Legal Description’s sister publication, The Title Report.

“Due to the nature of this attack, at this time our systems are currently inaccessible, and although we are working around the clock, we do not have a definitive restoration timeline,” Cury said. “We will continue to investigate this incident and provide updates to our customers as we have additional information to share.”  

Tom Weyant, VP, risk management and data security, and privacy officer Alliant National Title Insurance Co., noted this is indicative of a big shift in ransomware attacks where hackers are focusing on industries’ infrastructure instead of individual companies.

“What we are seeing today is they did not attack an individual agency, they attacked the infrastructure,” he said. “When they do that it is more pervasive as far as the disruption and destruction that it causes  when this happens.  Resware users and others may all affected by the outage and breach. It is socially disruptive as well as industry disruptive in getting to the businesses that use Cloudstar. That is a big difference from what we’ve seen in the past but it is right in line with the direction of how ransomware attacks have been migrating.”

He said this is very similar to the Colonial Pipeline ransomware attack and the JBS meat processing attack a couple of months ago and noted that infrastructure attacks cripple an industry and have wide-spread implications and demand much larger ransom payment.

In an update on its website July 18, 2021, Cloudstar stated, “Due to the nature of this attack, at this time our systems are currently inaccessible, and although we are working around the clock, we do not have a definitive restoration timeline. Our Office 365 mail services, email encryption offering and some support services are still fully operational.

“Cloudstar has retained third-party forensics experts Tetra Defense to assist us in our recovery efforts and also informed law enforcement,” the update stated. “Negotiations with the threat actor are ongoing. Additionally, we have informed all of our customers and are committed to helping them through this and working in the best interest of the industry. We will continue to investigate this incident and provide updates to our customers as we have additional information to share.”

In additional FAQs, Cloudstar noted that though it is working around the clock, it does not have a definitive timeline for the restoration of its systems. It also cannot make any conclusive statements about data exfiltration.

For agencies that may be impacted by the attack, Weyant said there are five key steps they should take. The first is to know what their state breach law requires. He said all states are different in terms of the timeline, and what triggers certain reporting requirements and to whom to report.

“And you have to stay in close contact with Cloudstar if that is your service provider,” Weyant said. “They’ll give you an estimate on what is going on and when systems and operations may resume. Any attack can take days to several weeks for the service provider to come online. At this point we don’t have a hard and fast estimate on when they may be back in business.

“The other reason to stay in touch with them is because you are going to need a root cause analysis that they are obligated to provide you,” he added. “You may need that for several things. Number one, to provide to your state. You may need to provide it to your insurance carrier or to your legal department. It’s important to stay in close touch with them and get that root case analysis and post mortem once things settle down.”

Weyant also noted it’s important to understand your insurance coverage. If a partner or client gets breached or you can’t conduct business, he said cybersecurity insurance may cover your downtime and any business disruption losses.

“You’ve got to get in touch with your insurance carrier, your legal team and let all of your internal and outside stakeholders know this happened and provide them with facts and details as they are received,” he said.

Weyant said this is also a time to reassess your own security, making sure you have things like multifactor authentication and strong passwords to access systems and applications, making sure encryption is deployed for emails as well as any data at rest.

What should you do about closings that are scheduled for this week? Weyant said agents should notify all parties that were scheduled and plan to move those out accordingly, being up front and factual in explaining why the closing must be rescheduled.

“The best thing at this point for most of our agents is to stay calm, wait for the facts to come in and to reschedule and prioritize those closings that were to happen this week,” he said.

“As of right now, unfortunately because it was such a disruptive attack, many folks are in the same situation, just waiting for details,” Weyant said. “That is always the hardest part.”

Today's other top stories
First U.S. Circuit Court of Appeals determines coverage for development rights
Uniform Law Commission appoints marketable title, token transaction study committees
Missouri federal court remands case to state
Utah proposes repealing ‘unnecessary’ fraud-reporting rule
Texas Department of Insurance warns of scammer


COMMENT BOX DISCLAIMER:
October Research is not responsible for the comments posted on its websites by readers. We will do our best to remove comments that include profanity or personal attacks or other inappropriate comments.
Comments:

Be the first to leave a comment.

Leave your comment
CAPTCHA Validation
CAPTCHA
Code:
: 
: 
Your Email is for reporting purposes only. It will NOT be displayed.
Popularity:
This article has been viewed 1975 times.
A Twitter List by TheLegalDesc
News by Topic   News by Edition   Special Reports   Webinars   Subscribe
Court Report
Cybersecurity
Industry News
Legislative Developments
Regulatory Updates
Remote Online Notarization
The Blotter
The TRID Journey
 
June 13, 2022
June 27, 2022
July 11, 2022
July 25, 2022
Archives
 
Attorney State Perspectives
Mergers & Acquisitions
2022 State of the Industry
Cybersecurity: Stay a Step Ahead
Real Estate Compliance Outlook
Wire Fraud
Archives
 
 
Utilizing Tech for RESPA Compliance
Collaborating on eClosings
Economic Forecast Series
Industry and Regulatory Outlook
Archives
 
Newsletter Subscriptions
Free Email Updates
Try a Free Edition
  About   Library   Store  
 
The Legal Description
Contact / Editors
Advertise
Social Media
Are You An Expert?
Subscriber Agreement
 
RON Resource Center
Cybersecurity Central
Court Cases
Legislation
Position Papers
Regulations
 
NS3 The Summit
Other Newsletters
The Title Report
RESPA News
Valuation Review
Dodd Frank Upate
 
                 
Copyright © 2000-2022 The Legal Description
An October Research, LLC publication
3046 Brecksville Road, Suite D, Richfield, OH 44286
(330) 659-6101, All Rights Reserved
www.thelegaldescription.com | Privacy Policy
VISIT OUR OTHER WEBSITES
> The Title Report
> RESPA News
> Dodd Frank Update
> Valuation Review
> The October Store


Loading... Loading...
Featuring:
  • Delivery 3X a week plus breaking news as it happens
  • Comprehensive title insurance industry news
  • Recent acquisitions, mergers, real estate stats
  • Exclusive in-depth coverage of the industry's hottest stories
Featuring:
  • Delivery 2X a week plus breaking news as it happens
  • Comprehensive Dodd-Frank coverage
  • The latest information from the CFPB
  • Full coverage of Congressional hearings
  • Updates on all agency actions
  • Analysis of controversial provisions
  • Release of newest studies and reports
Sign up today and...
  • Be one of the first to know where NS3 is being held
  • Learn about NS3 speakers and sessions
  • Save on registration with Super-Early Bird rates
  • Discover the networking opportunities NS3 offers
  • Find out if CE credits will be offered for your area
  • And much more
Featuring:
  • Delivery 2X a week plus breaking news as it happens
  • Preview the latest RESPAnews.com Top Story
  • RESPA related headline news
  • Quote of the Week
Featuring:
  • Delivery 2X a week plus breaking news as it happens
  • Legal, regulatory and legislative information impacting the settlement services industry
  • News from HUD, Congress, state legislatures and other regulatory agencies
  • Follow the lobbying efforts of all the major national real estate services organizations.
Featuring:
  • Delivery 2X a week plus breaking news as it happens
  • The industry's only full-time newsroom
  • Relevant, up-to-date appraisal industry news
  • Covering the hottest stories and industry trends
NEWS BY TOPIC
NEWS BY EDITION
SPECIAL REPORTS
LIBRARY
WEBINARS
FREE EMAIL UPDATES
ABOUT
SUBSCRIBE
Court Report
Cybersecurity
Industry News
Legislative Developments
Regulatory Updates
Remote Online Notarization
The Blotter
The TRID Journey
Current Edition
July 11, 2022
June 27, 2022
June 13, 2022
Archives
Real Estate Compliance Outlook
Best Practices
Attorney State Perspectives
Mergers & Acquisitions
2022 State of the Industry
Cybersecurity: Staying a Step Ahead
Archives
Executive Interview Series
eClosing Solutions Showcase
RON Resource Center
Cybersecurity Central
Court Cases
Legislation
Position Papers
Regulations
2012
2011
By Year
By State
2012
2011
Alabama
Alaska
Arizona
Arkansas
California
Colorado
Connecticut
Delaware
Florida
Georgia
Hawaii
Idaho
Illinois
Indiana
Iowa
Kansas
Kentucky
Louisiana
Maine
Maryland
Massachusetts
Michigan
Minnesota
Mississippi
Missouri
Montana
Nebraska
Nevada
New Hampshire
New Jersey
New Mexico
New York
North Carolina
North Dakota
Ohio
Oklahoma
Oregon
Pennsylvania
Rhode Island
South Carolina
South Dakota
Tennessee
Texas
Utah
Vermont
Virginia
Washington
West Virginia
Wisconsin
Wyoming
Comment Letters
White Papers
Testimony
2022 Economic Forecast Series
CFPB Update
Evolving Consumer Relationships
Understanding Cyber Insurance
Modernizing Your Brand
Tech for RESPA Compliance
Collaborating on eClosings
Industry and Regulatory Outlook
Diversifying Your Office
Complying with the New CFPB
Webinar Archives
The Legal Description
Contact Us
Advertise
Are You An Expert?
Subscriber Agreement
Social Media