22A — June 18 - July 22, 2021 — Owners, Developers & Managers — M id A tlantic Real Estate Journal


O wners , D evelopers & M anagers

By Nick Ottum, CPA, MBA, Withum Cybersecurity for Real Estate Companies

ybersecurity has been one of the most com- mon buzzwords of the 21st century, as industries become in- c r ea s i ng l y r e l i ant on techno l ogy for day- to- day opera- t i ons . The real estate industry is no exception to this trend. With the normalcy of online rent payments, wire trans- fers, and ACH transactions, servers filled with sensitive C Nick Ottum

information relating to proper- ties, mortgages, and tenants, batch accounting systems ac- cessed through virtual private networks (“VPN”), and much more, cybersecurity should be a priority for every real estate entity. As if that alone were not enough, the Corona- virus pandemic has brought cybersecurity concerns to the forefront due to an increase in remote working. In addition, hackers are getting more dif- ficult to stay away from with the use of artificial intelligence (“AI”) in the form of “bots” that automatically search for new targets to test for weaknesses

without the manual guidance of a hacker. Due to the use of AI, a web server will be detect - ed by a hacker for the first time in an average of eight minutes after first being launched. That being said, there is no need to panic; hackers should be thought of as another form of business competition. With an understanding of the cyber- security threats to your com- pany and proper preparation through security programs, you can mitigate the risk of business shutdown due to a cybersecurity attack. How and why do hackers attack real estate entity

cally a sum of money, is paid. Hackers use the attacks mentioned above to either block the ability to make mon- ey or steal money directly. The first scenario uses ran - somware to block access to computer systems and halt operations. Attacks are often timed to occur at the worst possible moment for a busi- ness in order to force the pay- ment of a ransom. Hackers are becoming increasingly more effective with this strategy as they spend more time study- ing niches and looking for the perfect moment to strike. For real estate companies, an at- tack could be generated near the end of the month, so that operations can be halted on the first of the month when most transactions occur. After operations are halted, it takes an average of 7 to 14 days for mid-sized firms to become fully operational again. For the second scenario, hackers can steal directly from real estate entities by hacking into the computer system by way of phishing and then uti- lizing wire transfers, which is one of the most lucrative areas for hackers of real estate firms. Real estate companies must be aware of their most valu - able and vulnerable functions, including wire transfers and various sources of confidential information stored on com- pany servers. When it comes to cybersecurity attacks, a com- pany is fine until it’s not, so preemptive measures should be taken. Another “why” that real es - tate entities should be aware of is an increased scope across niches by hackers. Industries that have seen a higher rate of attacks in the past, such as the healthcare industry, are now putting significant investment into cybersecurity measures. These measures have forced hackers to broaden their scope to include industries that have not been under attack to the same degree, such as the real estate industry. A lack of at- tacks usually means a lack of investment in cybersecurity, so the real estate industry is a soft target for hackers. Considerations when implementing cybersecu- rity programs Can your business operate without computers? This is a question real estate companies must ask when considering continued on page 31A

computer systems? There are many ways that a hacker can attack a company’s computer systems, but the two most common are: • Phishing – emails sent from hackers that appear to be from reputable sources and are designed to entice company personnel to reveal confidential information or click on attachments within the email that allow attack- ers to hack into the company’s systems. • Ransomware – a mali- cious software program that prohibits access to computer systems until a “ransom,” typi -

Integrated Business Systems and Acumatica provide the best business management solution for transforming your company to thrive in the new digital economy. Connected Business. Delivered.


(973) 575-4950

Made with FlippingBook Ebook Creator