Cyber & IT Supervisory Forum - November 2023

USE OF THREAT INTELLIGENCE AND INTERNAL SYSTEMS MONITORING:

1.) What tools might the organization employ to receive threat information?

2.) How might the organization receive, prioritize, and act in response to information on new threats and vulnerabilities facing the company and its controls?

3.) When and how should executive management and the Board receive information on the results of threat monitoring?

4.) What are some of the key monitoring practices that an organization might utilize for servers, backup systems, workstations, networks, and other endpoints?

INJECT 2: Monday, 2:45pm, June 6:

A loan servicing specialist at the company receives an encrypted email from a borrower claiming to have issues making a payment on their mortgage. The email doesn’t clearly reference a specific customer account, but the loan servicing specialist believes it is legitimate and opens the email, which prompts them to enter their Office365 credentials to access the encrypted email.

Within a short time, ransom screens appear on some company computers throughout the organization. Many departments all around the company’s home office location are reporting that they cannot access the company’s network. Staff in the regional servicing facilities report similar issues using shared applications, as well as issues with connectivity to the home office.

The systems needed to perform critical daily functions are nonfunctioning or are now performing erratically. These include:

• Core Servicing Platform:
  - Overview: The primary system used for loan onboarding, payment processing, escrow management, loss mitigation processing and tracking, investor remitting and reporting, and servicing for client portfolios.
  - Impact:
    • Loan Processing Disruption: The attack has led to a complete halt in loan onboarding and processing for client portfolios.
    • Payment Processing Standstill: Escrow management and mortgage payment processing capabilities have been severely compromised.
    • Loss Mitigation Processing and Tracking: The company’s ability to process and track progress in fulfilling loss mitigation for delinquent and defaulted borrowers has been halted because the system of record is inaccessible.
    • Investor Reporting and Remitting: The company’s ability to accurately account for investor funds has been compromised due to the system interruption.
