Almost all landlords now work with online systems one way or another. Whether you have your own website, you email your tenants, or you simply store all of the relevant information on a computer or device connected to the internet, the majority of administrative work can be considered to be ‘online’. Such a reliance on digitisation has generally been a very positive thing for both landlords and their tenants, but it does come with some challenges.
Perhaps the more serious and troublesome is that of cybercrime. If you use any kind of online service it is possible for your business to be targeted by cybercriminals. This means that landlords need to start taking this issue much more seriously and put powerful online cybersecurity measures in place.
In this guest post, we will take a look at the current dangers of cybercrime facing landlords, and what you can do to be more guarded with your online security.
Any Landlord or Tenant can be a Victim of Cybercrime
It is sometimes believed by landlords that they are an unlikely target for cybercrime. After all, if these cybercriminals are so advanced and sophisticated, aren’t they more likely to target large businesses and big corporations that they can steal far more money and data from? To a certain extent this is true, but remember that there are all levels of cybercrime, and many criminals prefer to aim at easy targets with apparently weak defences.
If you don’t have strong cybersecurity protections in place then it is much easier for a cybercriminal to take advantage of you than it is for them to try to defeat the defences of a well-funded business. In short: anyone can be a victim of cybercrime, no matter how small or profitable their company is.
This means that landlords need to take proactive steps to defend themselves and stop them from looking like an easy target.
Increase in Cybercrime in the Property Industry
It has been well established that cybercrime has been rising. It has been shown that cyber-attacks rose by 31% between 2020 and 2021, and it appears that this trend is moving in an upward direction in 2022. These kinds of statistics are worth noting on their own, but for landlords, the situation might actually be significantly more serious.
This is because there has been a huge upsurge in cybercrime targeting the property industry; well outpacing the general cybercrime rise. The boom in the property market, as well as the interest in cybercriminals in such a fast-moving sector, has meant that those working anywhere in the property industry need to be far more mindful of cyber security.
Landlords Need to Stay Compliant with the Data Protection Act 2018
It is important to remember the consequences of cybercrime. It is not just the fact that you could potentially have money stolen or that you could lose the trust of tenants by losing their data. In fact, you could also face a significant fine under the rules of the Data Protection Act 2018, which is the UK’s version of the more well-known EU directive, the GDPR.
Under the act, any business that holds the private information of individuals must have robust defences in place to minimise the risk of that data being stolen. If you suffer a breach and are shown to not have followed the guidelines in the act, you can be heavily fined. It is a much better idea to put strong protections in place.
The Risk of Ransomware for Property Businesses
One common form of cybercrime that is used against landlords is ransomware. This is a virus that locks the computer behind an encryption key and lets the user know that they can only have the data back if they pay a ransom. Perhaps most worrying is that the majority of businesses that suffer a ransomware attack pay the hackers to get their data back.
The best ways to prepare for a ransomware attack are to ensure that all of your data is backed up and to put strong controls in place to minimise the possibility of a hack being successful in the first place.
Email Scams on Landlords and Tenants
We are all aware of the issue of email scams. It is probably the case that your personal inbox is regularly spammed with suspicious emails telling you that you have won something, or that you need to log in to your bank account via a specific link. These types of phishing emails can be annoying, but if you know how to spot them, you are probably unlikely to fall for them.
However, there are more sophisticated forms of email scams that cybercriminals use. For example, a criminal might spoof your email address and get in contact with tenants telling them to change the bank account that money is paid into. In this example, the tenant pays the money into the new account and thinks nothing of it until the landlord sees that the payment is late.
Probably the best way to counteract this problem is to let tenants know about the possibility of this type of scam, and to inform them that if they receive any kind of email like this, they should contact you on the phone to confirm it with you.
Landlords Need an Incident Response Plan
One major issue for landlords who have never put any cybersecurity measures in place is not just that their system can be hacked – it is that they don’t have a plan for what to do when it happens. Working in the cloud is important because your data and documents are stored on a server that is both physically and remotely secure.
[Text Wrapping Break]In the norm, servers are well protected by firewalls cooped with software that can prevent hacking. However, even with watertight cybersecurity in place, you still need to plan for when the worst occurs, and if you suffer a data breach. A cyber incident response plan is a “set of actions and procedures that outlines an organisation’s response to security incidents. An incident response plan is designed to facilitate timely and effective incident mitigation by making it clear what steps should be taken and by whom.”
When you understand exactly what needs to happen in terms of a cyber breach, it allows you to move quickly and take the necessary steps to limit the potential damage. It can be a great idea to work with cybersecurity professionals to come up with an incident response plan so that all bases are covered.