Latest News

Are you cyber-prepared?

13 July 2018

Technology is inescapable in the real estate industry. With near complete reliance on computer networks, email and data, cyber incidents pose a growing risk to agents and agencies.

The financial impact of cyber-crime, ransomware, privacy breaches and system outages have the potential to cripple a business. This, coupled with an increase in cyber-crime and recent regulatory changes, means agents must look closely at their cyber-exposure and resilience to cyber-risk.

A quick cyber-audit

Do you store sensitive data such as names, addresses, telephone numbers, and credit card details of your employees and customers and suppliers in databases or historical files?

What would be the impact on your business’ revenue and reputation if your key operating systems went down?

What effects would a data breach have on your business – both from an operational and a cost perspective?

How prepared is your business to respond to a data breach or cyber-attack?

If any of the questions left you scratching your head, you may need to review your cyber-security.

Tighter regulations

As the incidence of cyber attacks increases, so to does the regulation of data breaches in Australia.

The Notifiable Data Breaches (NDB) scheme (effective 22 February 2018) requires businesses to report unauthorised access to, disclosure of, or loss of information likely to result in harm. The legislation also requires a regulated business to investigate a suspected data breach within 30 days. Non-compliance could result in hefty fines.

Case studies

Are your employees trained to recognise malware breaches?

A modelling agency with $7.5 million in revenue suffered a major cyber-crime loss after malware infected two of its computers. Disguised as a genuine update for the business’s bank card reader, the malware requested the employees enter the banking pin code to enable the update to take place.

About two days after the employees entered the pin codes, it was discovered they were used to authorise payments to fraudsters from the business's bank account. In total, $1.3 million was withdrawn from the business's accounts.

While the bank recovered approximately $500,000 of the stolen funds, the business was left $815,000 out of pocket.

Are your retail terminals adequately protected?

A retailer suffered a payment card data breach after hackers placed malware on the payment systems at 15 of its stores.

The attack was uncovered after card brands notified the retailer of a potential breach. Over 30,000 payment cards were compromised, costing the retailer $345,000.

Following the breach, the retailer instigated a Payment Card Industry forensic investigation. Given the number of locations impavcted, the investigation reached $95,000.

The retailer was also liable for $31,900 in legal fees.

Does your policy provide cover for a broad range of electronic crimes?

A small, independent hotel operation was the victim of a cyber-attack as a result of an employee clicking a link in an e-mail. 

The hotel's email and accounts systems froze and they received a message demanding the payment of a ransom.

It took the hotel's IT team more than two weeks to clear their network of the virus, with damages costing upwards of $15,000.

Are your electronic systems protected from hackers?

Soon after an interior design firm installed a new VOIP (web hosted) telephone system, hackers cracked the password to the phone network and programmed the system to repeatedly make calls to a premium rate number owned by them.

One month later, the firm received a $25,000 bill from their network provider.

Despite confirming that were the victims of hacking, the network provider insisted on payment of the outstanding bill as their insurance policy did not cover this type of incident.

Want more?