800-646-0700         LOG IN        CONTACT US        FREE TRIAL
Cloud Technology Blog for RIAs and Broker-Dealers

That Massive Internet Attack Might Have Impacted Your Clients

10/31/16 2:00 PM / by Justin Kapahi

Their own devices may have played a role in the hack that shut down several major websites.


Why should wealth management firms care about yet another hack that temporarily downed a few websites? Because, this time, your clients care. After all, “the Internet of Things” affects everyone.

The Mirai botnet attack that recently prevented access to over 1,200 websites including Twitter, Amazon, Netflix and PayPal is unprecedented in technique and scope. It hijacked thousands of internet-enabled devices like cameras, DVRs, Smart TVs and refrigerators to flood the domain registration services provider Dyn Inc. with a massive distributed denial of service (DDOS) attack. Since Dyn provides domain name services to some of the largest companies on the web, the result was widespread.

Anybody, including wealth management clients, could own the devices that played a role in the hack. Moreover, a similar hack could just as easily crash the websites of banks, broker-dealers, custodians or even RIAs. And, although this incident may be the work of amateurs, experts agree that it likely will inspire others in the future. Here’s what advisory firms and their clients should know about this evolving threat.

Dyn Incident

On Friday, Oct. 21, unknown perpetrators targeted Dyn’s managed domain name system infrastructure in a series of attacks. The first incident struck the East Coast beginning at 7 a.m. and lasted two hours before Dyn could mitigate damage and restore service to websites for visitors in the region. A second incident struck shortly before noon Eastern Time, this one more global in nature, but was brought under control by about 1 p.m. ET. Hackers also attempted a third wave, but Dyn prevented it from interrupting service to company websites.

Dyn has stated that it noticed tens of millions of IP addresses involved in the Mirai botnet attack, stemming from multiple vectors and internet locations. That means the hackers used numerous methods of gaining access to Dyn’s system from different types of devices in order to deliver the payload. In the days since the incident, private-sector analysts have argued that it seems neither monetary theft nor foreign state-level espionage were motivations for the attack. 

Immediate Fallout

Webcam circuit boards from Chinese electronics firm Hangzhou Xiongmai were among the devices confirmed to have been hijacked into pushing the DDoS attack. Consequently, that firm is recalling those devices. Other product makers could initiate their own recalls, since Dyn might have legal grounds to sue them. But recalls rely on consumers actually turning over their devices. Until that happens, the backdoor vulnerability that gave the hackers access to the devices remains open to future attacks.

The U.S. Department of Homeland Security has been in contact with Dyn, as well as certain product makers, since Oct. 21. The agency has pledged to release a detailed plan in the coming weeks to safeguard the Internet of Things. On Monday, Oct. 24, two U.S. senators requested the White House coordinate with Congress to craft legislation that will enhance cybersecurity defenses and communication with the technology industry. 

That same day, President Obama was quoted as saying, “One of the biggest challenges for the next president and the president after that and the president after that is going to be: How do we continue to get all the benefits of being in cyberspace but protect our finances, protect our privacy? How do we balance issues of security?” 

Financial Repercussions

Financial advisors need to put the larger repercussions of the incident in perspective for clients. The Internet of Things exists in many more types of devices than those used in the Oct. 21 attack, and future hacks may be much more financially devastating. 

For instance, Facebook has invested heavily in virtual reality headsets; Tesla is building driverless cars; and LG now supplies tools that control washers, dryers, refrigerators, ovens and robot vacuums through the internet. Advisors should warn clients about the financial risks of sharing ever greater amounts of personal information online with third parties that lie outside the reach of a client’s advisors. Theoretically, it now could be possible for hackers to access a bank account through a refrigerator.

Given that clients increasingly use internet-enabled devices vulnerable to hackers, advisory firms should implement the most advanced cybersecurity precautions possible. The priority should be protecting confidential data and core operating systems in a cost-effective manner that abides industry regulations. For further guidance, consult with IT experts specializing in the wealth management space.

Topics: Financial Services, Cybersecurity, Technology

Justin Kapahi

Written by Justin Kapahi

Justin Kapahi is VP, Solutions & Security for External IT. He has over 15 years of experience in technology & finance and is the former CTO of Fairholme Capital Management.