The Optus hack has highlighted the significant risk posed to all businesses, and invidivuals, that are connected to the internet. Which means, unless you’re a Tibetan monk, that’s all of us.
Hackers don’t care how big or small you are, but rather what data or assets they can get their hands on and how they can exploit it for their own personal gain (or pleasure).
Real estate is a tasty target for cyber criminals given how much data we collect as an industry and the revenue that is generated, so it’s no surprise that cyber attacks and cyber insurance claims are rapidly increasing within the real estate industry.
Cyber security experts predicted that in 2022, there would be a cyber attack incident every 11 seconds. This is nearly twice what it was in 2019 (every 19 seconds), and four times the rate five years ago (every 40 seconds in 2016). It is expected that cybercrime will cost the global economy $6.1 trillion annually, making it the third largest economy in the world, right behind those of the United States and China.
“There are two types of companies: those that have been hacked, and those who don’t yet know they have been hacked.” – John Chambers, Former Cisco CEO
Why is the real estate industry particularly vulnerable?
While the motives behind a cyber attack can be wide-reaching, attackers target real estate businesses mainly for the following reasons:
- To gain a competitive advantage
- To access sensitive data stored in the CRM, trust account software and/or website
- To gain a financial benefit
- For fun (Yes, there are people out there who do this for fun)
One of the other reasons real estate businesses are particularly vulnerable, despite all of the advice out there, is because of the unfortunate lax approach by many businesses toward cyber security.
If you weren’t concerned (or scared) about your own cyber security before, you soon will be… Check out this video from John Hammond – a cyber security expert with over 400,000 YouTube subscribers – where he explains just how easy it is to hire a hacker on the ‘dark web’ for as little as $250 to take down a business or individual.
Here’s the reality… most real estate businesses and agents aren’t thinking about this stuff at all. They’re too busy listing and selling real estate. But just ask the many real estate businesses and agents who have been hacked, had their financial systems compromised or data and identity stolen, what it’s really like – emotionally.
It’s not fun to get hacked and it can literally be life-changing.
8 Critical Lessons For Real Estate Agents From The Optus Hack
The Optus hack has taught us all in business (and on a personal level too) that no matter how much you have invested in your cyber security systems and processes, you can still be hacked.
Here are 8 critical lessons for real estate agents from the Optus hack:
- It’s highly unlikely the authorities can/will do anything to help you if your business gets hacked. The suspected attacker(s) can boast about their attack publicly on the ‘dark web’ with complete anonymity.
- In the event of a ransomware style attack, even if you pay a ransom ($1.5m USD in Optus’s case) to keep your information private or to have it returned to you unencrypted, there are no guarantees the hacker won’t leak/sell it anyway.
- Being hacked is demoralising (watch the CEO’s raw emotion) and, for smaller businesses, potentially business-ending.
- Even if you have cyber insurance for YOUR business and YOUR data, you might not be covered if someone wants to take legal action for THEIR data being stolen from your systems. Optus is now at the centre of two class action lawsuits and likely many other legal battles down the track from customers who trusted Optus to protect their data.
- No matter how good your cyber security systems are, even the best systems can be hacked.
- If you’re not investing in cyber security training for your team, your business is ripe for the picking by attackers.
- You better have a good communication strategy around cyber incidents to inform your clients and staff. Optus didn’t and it’s hurting them every day. Your communication around cyber incidents could be the difference between keeping clients or completely eroding trust in your organisation.
- You should always have the mindset of “we will be hacked eventually” and build your cyber security strategies accordingly.
You’ve worked hard to get your business to where it is today, but just one little cyber attack could be all it takes to cause significant damage to your organisation and reputation. Cyber threats are becoming more sophisticated with advances in hacking, malware and social engineering techniques. One security breach could corrupt your business’s critical data, causing financial loss, reputational damage and liability to third parties.
Do you have everything in place to protect your business as best you can? I certainly hope that you do, or that you will.\