Few industry sectors are immune to the risk posed by cyber criminals, but at first glance the property industry might seem an unusual target. However, real estate agents facilitate the sale of million-dollar assets of a regular basis, and their data can contain a trove of sensitive financial and personal data that presents an attractive target for the perpetrators of online fraud. The Intelligence Team at Intalock are aware that online attacks in this sector are on the rise.
A real estate firm that is victim of a successful online breach can expect some adverse repercussions that include:
- Direct financial loss
- Business interruption while compromised data is recovered or restored
- Reputational damage
- A decline in market share and confidence
- Potential liability claims and/or lawsuits
Given the level of trust required to settle large financial transactions, the damage done to the reputation of real estate firm can have devastating commercial implications. Real estate agents can spend years building a favourable reputation based on honest and transparent dealings, only to see it destroyed by a cyber security attack that attracts the worst kind of publicity and attention.
The game plan employed by cyber criminals varies little from one industry to the next.
- Phishing – an attack involving email or text messages, fake ads, or fraudulent social media pages and websites. Criminal hackers lure individuals to click a link or download an attachment that allows access.
- Ransomware – hackers first penetrate an organisation’s systems by identifying gaps in its defences or convincing an employee to download an attachment, and secondly take control of the organisation’s data and demand a ransom be paid.
- Business email compromise – an attack that focusses on hacking corporate email accounts and attempting to impersonate an employee and thereby defraud the organisation.
- Insider attack – a large percentage of cyber-attacks originate from within the affected organisation. Rouge employees are granted access to sensitive material, only to abuse their position and commit fraud.
So how does the real estate sector protect itself from cyber-attack? We would recommend:
- Undertaking a comprehensive security review either against the essential 8, NIST Framework or ISO 27001. You may also run a yearly penetration test as a quick way to identify vulnerabilities that exist in your network and make is easy for hackers to get inside.
- Research to identify the right security solutions for the size and type of organisation involved
- Regular employee training focussed on identifying suspicious activity and the steps required to counter the effort of cyber criminals
- Maintaining a thorough understanding of the regulations pertaining to the property sector
Real estate firms would be wise to choose a reputable cyber security partner with extensive experience and known clients within the industry.
After all, it might only take a single attack to destroy a reputation that has been years in the making.
Speak with an Intalock specialist today about your organisation’s cyber security needs.
Learn more about the Intalock Advisory Service and how to protect your organisation with cyber security solutions.
Download the Intalock Advisory Services Overview – Information sheet.