It has become increasingly apparent in recent weeks that malicious actors are actively targeting mortgage lenders with ransomware. This comes at a critical time for the industry, when lenders are operating at capacity and originating record volumes.


Many companies have experienced attempts to breach their systems, with several falling victim to a remarkably similar phishing attack that includes malware designed to encrypt their data and deny access to critical systems, followed by the demand for sizeable sums of money in ransom, exceeding $1M in some cases. The impact of these breaches has been significant and cannot be overstated, with companies experiencing downtime of up to a week, resulting in painful disruptions to business operations and lost productivity.


We encourage you to be extra vigilant and to focus on strengthening your organization’s defenses against ransomware and other attacks. Recent studies have shown that 75% of companies impacted by ransomware this year had up-to-date anti-virus software that was not adequate in thwarting the attacks. Technical controls alone are not 100% effective; having a comprehensive plan that includes employee training and updated tools is key to helping you prepare for, and recover from, such attacks.


If our Cybersecurity Solutions Team can assist you in assessing your current cybersecurity posture or providing recommendations for improvement, email JT Gaietto. Regardless of who is implementing your security program, we urge you to test and monitor your systems, ensure your response plan is comprehensive, and asses your current policies and procedures to avoid a breach in light of this increase in targeting.