There has been a marked increase in the number of cyber attacks on the website of collection agencies in recent weeks, and experts warn that more attacks are on the horizon.
Specifically, websites of those involved in the collections and debt buying industries are being subjected to what are known as “distributed denial of service” attacks. What happens during a DDoS attack is that a website is flooded with traffic. One expert likened it to every kid in your neighborhood knocking on your door, making it unable for you to realize that someone is at your door trying to deliver a package.
“There has been a huge lift in DDoS attacks in the ARM industry,” in the past month, said Adam Parks, who runs Branding Arc, a marketing agency that manages the website of a number of collection agencies and debt buyers. “No data has been exposed and we’re winning all the battles.”
Who the attackers are remain to be seen. Possible attackers include groups that are trying to break in and steal personal information of consumers, such as names, credit card details, and Social Security numbers, consumers or consumer groups that are upset with the industry, or that hackers are trying to break into any type of financial services organization it can.
“Collection agencies as a standalone doesn’t have the most desirable data,” said Jeremy Mapes, who runs Mapes Consulting. “But as part of the financial world, that makes them part of the target world that people want to go after.”
DDoS attacks can also be used to mask actual breaches or fraudulent transactions, said Greg Schaffer, the founder and CEO of First72 Cyber, a data security company.
“Sometimes, a DDOS is designed to prevent a response to a breach that has occurred,” Schaffer said. “Something like a fraudulent wire transfer. If I am able to steal a credential from a business and use that credential to log on to bank’s site and initiate a fraudulent wire and then launch DDoS against the bank so that it’s impossible to log on legitimately and see that this transaction has been put in motion, I increase the likelihood that the wire is going to be executed and not be interrupted.”
Parks said he hasn’t noticed any connection between the DDoS targets but the type of attack has been the same. Schaffer added that his firm is seeing attackers that are moving “downstream,” and transitioning away from targeting larger companies to instead going after smaller organizations, which may not have the same amount of data to be stolen, but which also may not have the save security measures in place.
The overall frequency of DDoS attacks has increased nearly threefold in the past three years, according to data released this summer by Cisco. That number is expected to continue increasing through 2020, according to the technology company. As Mapes pointed out, it really doesn’t cost anything to launch a DDoS attack, so hackers can continue trying until they are either caught or successful.
For collection agencies looking to protect themselves, the first step is having a firewall in place and actively monitoring it. Do not “set it and forget it,” as Mapes said. Parks said that all companies should have a set of policies and procedures to follow in the event a successful DDoS attack is launched.
Collection agencies can also opt to block internet traffic from geographic regions where they do not expect any business to originate from, such as foreign countries like China.