- Published date:
- 27 February 2024
Ghosts in the machine? How can property companies deal with the threat of cyber security?
By Taylor Wessing
With the proliferation of proptech, demands on ESG data collection and the increasing operationalisation of bricks and mortar, today's real estate companies are dealing with more data than they ever have before. So far so good, but what happens when there are ghosts in the machines? How many in our sector are confidently addressing the risks and devising robust strategies to cope when the worst happens? A Taylor Wessing breakfast seminar hosted in London on 12 December, in association with UKPA, walked clients through the stages of a cyberbreach to help them avoid the jump scares.
Cybercrime is a big part of all our lives, and our sector is far from immune. A recent report from auditing firm Grant Thornton found that nearly half of property companies in Germany have been attacked by cybercriminals in the last year. It seems that the risk of being targeted is a case of when, not if, and yet many, many firms on either side of the Channel are believed to be unprepared to deal with an attack. The stark reality is that companies well versed in bricks and mortar are only just beginning to get to grips with their new vulnerabilities as they pivot into data rich, technology enabled businesses.
Types of cyber crime
First, it does well to ensure we are all on the same page when it comes to the smorgasbord of cybercrimes. The most common events involve:
- Malware – this is an umbrella term for when malicious software steals your data, hijacks your systems or even damages your network equipment;
- Denial-of-Service (DoS) attacks – when the victim's computer system is overwhelmed so normal traffic cannot be processed, resulting in denial-of-service to users;
- Phishing - when scam emails, text messages or phone calls are used to trick victims ultimately to download a virus, or reveal bank details or other personal information;
- Spoofing - when the criminal hoaxes a well-known individual to gain access to systems, steal data, or spread malware; and
- Identity-Based Attacks – this crime basically involves stealing or faking login credentials.
Share article