Aggregation Softens the Blow of a Cyberattack

In the 1900s, banks were threatened by gangsters in suits who pulled up in Studebakers, fired off a few rounds from their Tommy guns, and demanded the teller to fill a burlap sack with cold, hard cash.

Today, criminals have found a more subtle approach. Many have traded in their guns and getaway cars for laptops and an internet connection. The threat posed on financial institutions has moved online, where hackers launch coordinated cyberattacks on their intended targets.

Over the past few years these attacks have grown in frequency. While the motives vary, many people assume a cyberattack on a financial institution equates to a loss of money or information. However, certain attacks are intended to disrupt or halt online services altogether. These are defined as a denial-of-service (DoS) attack, and they can prevent customers from accessing the target’s website for an extended period of time.

Should a financial institution such as a bank fall victim to a DoS attack, their website can go offline for several hours, even days.  Needless to say, it can cause a real headache for their customers. If your clients find themselves in this situation, chances are they’ll look to you for guidance.

Advisors can shape the perception of their service by handling this request with tact. Using aggregation software, you can uncover essential account information to build a data contingency plan for your clients.

Clients in the Dark. Shed Some Light

In the event of a DoS attack, financial institutions aren’t bound by law to divulge a particular set of information to the public. Don’t assume institutions will be open to discussing the details of an attack.  Many remain silent in an effort to prevent further attacks from happening. However, to their credit, some institutions do post a response to a crisis.

More often than not, when online services go down, customers are directed to call centers for more information. But as you can probably imagine, the flood of incoming calls and extensive hold times make it nearly impossible to get immediate answers.

Your clients have come to expect continuous access to their finances, and when it’s taken from them, it can cause concerns. This is your chance to relieve that anxiety. If your clients have their financial accounts connected to aggregation software, you can provide them a backup representation of their financial picture.

With aggregation, advisors can gather the last accurate record of account balances and transaction details before a cyberattack hits.  Some aggregation solutions even offer Direct Feed relationships between certain institutions. Many Direct Feeds have the advantage of working independent from the institution’s website and are able to update seamlessly during an attack.

Regardless of the type of connection made to the financial institution, you’ll have a secure history of past data that’s ready for clients in emergency situations.

Preparing your Data Contingency Plan

A cyberattack can make your clients feel uneasy about keeping their money online, so it’s important that advisors regain that trust by demonstrating the positive side of their online services. Start by reminding clients that aggregation software is non-transactional, and money can never be transferred in or out of third-party aggregator websites.

Then, get proactive and assess the following information from the affected institution from your aggregation software:

  • The date and time of the last successful update
  • The balance of the account(s)
  • Any recent transaction-level data

Present this data to your clients to give them a better sense of where their accounts stood before the attack. The information will also help them validate against possible fraud once online services resume.

Next, assist them with any problems they’re experiencing resulting from the attack.

For example, if your clients rely on online banking for electronic bill payments, advise them to reach out to their lenders and other billers for an alternative method of sending payments. In a DoS attack, ATMs and sometimes mobile banking apps are still operational.

From here, ask your client to monitor the financial institution’s website periodically for full access. The institution may even have some channels of communication still open. Try checking social media pages for additional details. Pay particular attention to information about fees and see if any will be waived during outages.

Once you’ve mapped your data contingency plan, get your staff on board. Be sure that at least one person in your office is responsible for preparing your client’s data in a cyberattack.

With aggregation software, you have unique ability to show your client the last valid record of their full financial picture before the attack.  Advisors who use these tools to create a well-thought plan will receive a big vote of confidence and prove the reliability of their services to clients.

Anthony Cirio
Anthony Cirio
Anthony is your friendly neighborhood copywriter and content marketer at eMoney Advisor. He's been writing about Fintech for four years and has been with eMoney since 2010.

Leave a Reply