Was Ellie Mae attack the work of cyberterrorists?
Your company could be next
On March 31 and April 1 lenders hit a troubling roadblock when they tried to finish closing their loans, due to the outage of Encompass360, Ellie Mae’s LOS.
“It appears that the outages were the result of an external malicious attack characteristic of a distributed denial of service (DDoS). We took actions to isolate the suspicious activity and prevent future unwarranted access. We have deployed the appropriate countermeasures to prevent this type of client-impacting event in the future,” Ellie Mae said.
Encompass360 currently services 20% of all residential mortgages in the U.S., and 90,000 mortgage professionals use the Ellie Mae technology to originate and fund loans.
So in short, most lenders were down.
Since then, full service has been restored, but is the problem really over?
“I find this attack to be odd; it appears to be more out of a political motive to disrupt the US financial industry, rather than the usual economic motivation (to steal money or data). If it was a political motive, we should expect more such attacks in the future,” said William Kresse, associate professor at St. Xavier University in Chicago and also the director for the Center for the Study of Fraud and Corruption.
Kresse explained that there are two types of cyber attackers.
“Most fraudsters have an economic motivation. But there is this second group that is out there. They really have political motivation,” Kresse said.
While Kresse noted that a lot of the reasons behind the attack are speculations, they are plausible and a feasible threat.
In theory, Kresse explained some of these attacks, like that on Ellie Mae, could be by cyber terrorists who are feeling out the various vital sections of our economy to see which systems they could attack to cause the greatest harm.
Meanwhile, the Federal Financial Institutions Examinations Council released a statement on the risks associated with cyber attacks on Automated Teller Machines (ATM) and card authorization systems and the continued (DDoS) attacks on public-facing websites.
The statement by the FFIEC outlines the steps institutions can take to address these attacks and highlights resources institutions can use to help mitigate the risks posed by such attacks.
However, the particular case of Ellie Mae is peculiar because it seems to be due to people who are politically opposed to the U.S., Kresse said.
Ellie Mae emphasized that there is no evidence of any data breach, and the company confirmed that client data and personal borrower data remains secure.
But because there seems to be no economic benefit to the attack, it just widens the door for this to be a potential political attack, which could be a far worse problem.