The current impact of cybercrime on the property industry

It was worrying but not surprising when another property business hit the headlines for suffering a cyber breach. In November 2021, a large property conveyancing firm admitted that a cybersecurity breach had taken down their system, which held up thousands of house buyers using the company. 

Premier Property Lawyers is the UK-based business that announced this ‘security incident’ had taken place. The news broke that this was causing hold ups, leaving customers frustrated and potentially putting sales in danger of being cancelled altogether. 

And, while we might look at this kind of cybercrime and feel thankful that we were not held up in the incident, this sort of attack is becoming all the more frequent as we enter 2022. 

Rising numbers of attacks

One of the major issues around cybercrime in property industry businesses is that these attacks are becoming more common and sophisticated. That is a huge worry for any company in the sector, as it means that they are more likely to be targeted by cybercriminals than ever before.  

Paul Offley, compliance officer at The Guild of Property Professionals said: “Cybercrime is more prevalent than ever before, and given the fact that agents have a considerable amount of sensitive data they hold, it is vital that all possible precautions are taken to avoid a potential incident.

“If large corporations are vulnerable to being infiltrated, how much more susceptible are small businesses such as an independent agent, who may possibly have less robust cyber defences.”

These rising numbers show no sign of abating any time soon. This means that if you have a business in the property industry, it is essential to think more closely about the ways in which you can keep it secure. 

Why are property businesses at risk?

Of course, it is worth asking: what makes the property sector so potentially attractive to cybercriminals? Perhaps it should be noted that we are seeing rising cybercrime as a general rule as well as in the property sector, but this industry does nevertheless remain a common target for criminals. 

To understand why this is the case, we only have to look at what cyber attacks are generally attempting to do. In the vast majority of incidents, cybercriminals are looking to steal money or personal information. These are both things that you can find in droves in and around property transactions. 

It could also come down to the fact that the property industry as a whole may be ill prepared to defend itself. In a recent survey, despite the increasing use of technology to support property transactions, only 50% of real estate businesses believe that they are adequately prepared to prevent or mitigate a cyberattack. 

Cyber attacks do more than just financial damage

It is well established that suffering a cyber breach can be extremely financially damaging to a business. There are the cost implications of slowing down your company from doing its normal daily routine – and that’s before we get into whether the cybercriminals were able to actually steal or extort money from the business. 

But cybercrime actually creates far more serious problems than just the initial financial challenge. Perhaps the most damaging issue for any business caught up in cybercrime is the damage to their reputation. 

When customers provide you with their personal details, they trust you to keep them safe. Suffering a cyber breach is an indication that your company didn’t put in the necessary safety measures.

How can property businesses protect themselves?

Property businesses do need to realise that they are ultimately responsible for defending themselves. Thankfully there is plenty that you can do to protect yourself if you run a real estate or property business. Some of the most effective techniques include:

Investing in high quality cybersecurity software

Unfortunately one of the most effective ways to deal with cybersecurity risks is simply to put in the right investment. As criminals become more sophisticated and well-funded, it is up to companies to match them by investing in powerful software themselves. 

“The huge rise in ransomware attacks is a trend only likely to continue and means that investment in next-gen antivirus and Endpoint Detection and Response tools should be a high priority for security teams,” says George Glass, Head of Threat Intelligence at Redscan “these software help uncover malicious activity in its infancy by monitoring endpoints such as servers and workstations for evidence of suspicious behaviour – rather than solely analysing file signatures”.

Limiting access

This idea might come across as a simple one but it can be enormously effective in mitigating cybercrime risk. You should not give full system access to each of your workers. Doing so means that any time that a single user suffers a breach, the criminals will have access to all of the data and details in your system. 

It is a much better idea to limit access, for example, by only allowing new staff to access the data they need to do their job. That way, if they are breached, the hacker will only be able to access a small amount of data

Training staff properly

It is important to put the right training sessions in place. The majority of cybersecurity breaches are still caused by human error, rather than anything a computer does. In IBM’s Cyber Security Intelligence Index Report, human error was found to be a major contributing factor in 95% of all breaches

Clearly then, the more that you can do to prepare staff for the possibility of facing a cyberattack, the better it will be for your business. 

Ensure identities are verified

Cybercriminals have been extremely adept at spoofing email addresses. That means if your property business gets an email apparently from the client requesting something in terms of their own personal data or finance, it is imperative that you verify that you are genuinely speaking to the right person. 

Cybercrime can have a drastically negative impact on any business in the property sector – large or small. It is up to the companies themselves to ensure that they have the right defences in place to keep customer data and finances secure. Failing to do so can be extremely costly, and not just from the perspective of company finances.