In 2013, RynohLive‘s Morning Report alerted a Virginia-based title agent to suspicious Escrow Account activity.
After reviewing the Morning Report alerts, the agent quickly discovered that it was more than an alert for an unbalanced account, it was a cyber-attack.
The malware (ZeuS Bot and Zero Access Rootkit Malware) entered their network through an outdated version of Java, accessed their settlement software and did significant damage. The malware had issued fraudulent checks, moved funds and created fictitious files with the clear intention to take the money and run.
According to the agent, the attack could have easily cost them a loss of over three hundred thousand dollars. Since the agent was utilizing Positive Pay along with RynohLive’s Morning Report , the agent was able to notify their bank before any of the checks cleared.
As always, make sure you’re taking the necessary precautions to keep your business safe. Read through the tips below to make sure your business is ready to defend against cyber security threats.
5 Quick Tips to Protect Yourself Against Cyber Threats
Stay Current on Security Patches and Fixes
From one machine, you can make sure all machines are up to date. If IT professionals are not available, assign updating all machines on the network to a user.
This user should update all applications, plugins, Windows updates, and any other software on the machines at least once every other week
Know who is using your network and what applications are on your network. This includes smartphones, notebooks, tablets, etc…and if possible, install/scan virus protection on computers before they access your network.
Review and Update and Enforce Computer Security Policies
It’s important to make sure all members in your organization are on the same page when it comes to computer and cyber security policies and procedures.
Keep everyone informed by sending regular emails from your IT department to inform and update users on current threats and trends.
Limit Administrative Controls
Set and enforce strong administrative controls for those with access to the settlement and disbursing software.
Freeze files after closing so that changes cannot be easily made and limit those who can make changes for disbursed files.
Limit functions for individuals disbursing funds. For example, remove their ability to delete or create new files; transfer funds; disburse files with negative balances, etc.
Automatically Log-off Computer
If a computer is sitting dormant on the network for a period of time, it’s a good idea to automatically kick that computer off of the network.
Having a computer hanging around the network for an extended amount of time can result in a security breach – especially if no one is watching.
“Password” is not a Password
Make passwords long and strong. For example, use letters or characters in place of words.
Change default passwords (you would be surprised how often they are not) and don’t use the same password for multiple accounts.
Have security enabled for your Wi-Fi and hide the Wi-Fi network name and never use the same password for all of your accounts.
And remember, “password” is not a password!