banner
article1photo
byline
in this issue
article1
article2
article3
article4

 
Simply put, ransomware works like this: A criminal hacks into a computer, deploys malicious software to block access or take over a computer system with unbreakable encryption, and then demands a ransom for the encryption key needed to re–gain access and unscramble the files.

In May 2019, the City of Baltimore fell victim to this crime. Hackers were successful in encrypting about 10,000 of their computers. The hackers sent a ransom demand, but the Mayor refused to pay.

The Baltimore Sun reported that the demand said, "We've watching you for days and we've worked on your systems to gain full access to your company and bypass all of your protections," and demanded the City pay 13 bitcoins within four days to unencrypt the computers, or the price would go up. They claimed after 10 days, the data would be lost forever. The hackers threatened, "We won't talk more, all we know is MONEY!...Hurry up! TikTok , Tik Tok , Tik Tok!"

The 13 bitcoin added up to approximately $103,000. The hackers threatened to stop all future communications if the city called the FBI, and claimed any attempt to use any other software would permanently damage their computers and the files contained on them.

Experts reported the hackers utilized RobbinHood malware. RobbinHood is a very powerful program which seems to gain access through hacked remote desktop services or other Trojans, rather than spam.

The attack affected phone lines, email accounts, the ability to collect payments for utilities, even parking fines and many more services the public relies on. Most notably to the title insurance industry, the attack affected the recorder's office causing a delay in real estate transactions.

It does not end there. The County of Harrison, West Virginia, was the victim of a ransomware attack on Thursday, June 13, 2019. The County was forced to revert to manually recording documents, thus exposing title insurance companies to bigger gap periods and requiring manual title searches for pending transactions.

Our Company has guidelines on how operations can continue business as usual in the event a county recorder's office is attacked by ransomware. It is more important than ever we all work together.

Anyone located in a municipality who falls victim to this type of cyber incident should be sure to consult with their Underwriter for approval to close any transaction.

The FBI has provided advice to organizations to protect themselves from a ransomware attack. The FBI's tips can be found on their website: https://www.fbi.gov/investigate/cyber.

Article provided by contributing author:
Diana Hoffman, Corporate Escrow Administrator
Fidelity National Title Group
National Escrow Administration

 

 
  SHARE    
 
 
 
footer_line
 
stop fraud! share
 
footer_line
 
 
FNF Home