Your real estate brokerage, mortgage brokerage, property management company, or appraisal company is dependent upon electronics to function on a day-to- day basis from emails, online research, electronic storage of data, research and the like.
Cyber-criminals have developed “ransomware” programs to attack the electronic system of a business. The attack shuts down the electronic transmission of information to try and paralyze your business operation. The attacker then demands payment of a monetary “ransom” to unfreeze the shut-down — or your files will be erased.
“Ransomware” is malware (electronic code) that uses encryption to hold the electronic information system of a person or business for “ransom”. Your electronic data becomes encrypted by the cyber-criminal, so that your access to applications, databases or files is prevented.
The cyber-criminal demands that a monetary ransom be paid to allow access, usually by way of an electronic currency such as Bitcoin that cannot be traced.
There are ways to implement a business system to help prevent a ransomware attack. Here are 6 steps to take:
1. Update Your Operating Systems on a Regular Basis
Be sure your IT person has scheduled regular malware security updates on all computers, electronic operating systems, software and operation applications. The updates should be run at least weekly. This will help you close areas that cyber-criminals look to penetrate.
2. Maintain a written ransomware protocol for all employees in writing
Implement a written ransomware business protocol, where employees are not to open any suspicious emails and are to report any immediately to a supervisor. Have a quarterly security awareness training seminar for all employees, so they will know what to look for in a suspicious email. Sequester and delete suspicious emails completely from the electronic system.
3. Implement regular backups of data
Backing up your business’s electronic data on a regular basis and saving it on a hard drive is considered one of the most effective ways a business can recover from a ransomware attack.
The electronic files that are backed up should be stored offline in a safe place for any future need. Cloud backup systems reduce the effects of a ransomware attack, since many of these systems allow you to gain access to your electronic files before the cyber attack happens. You should test your backup system regularly to confirm that your files are being backed-up
4. Implement a written cyber-attack response plan
A detailed written response plan for a cyber-ware or ransomware attack should be in place. The plan should outline the specific steps your IT person should take to try and isolate the attack and keep it from spreading. The plan should lay out the specific lines of communication, with a list of people and companies to contact at all times of the day.
5. Have a securely-designed electronic system for your business
The best way to prevent a ransomware attack is to have your electronic business systems set up with security being paramount. Have your electronic system inspected at least on a quarterly basis by an IT person, and have them run appropriate tests to ensure secure configuration settings.
6. Have an intrusion detection device in operation
You can implement an operating intrusion detection device to search for suspicious electronic activity. The device will review normal network traffic logs and signatures to detect improper activity, and create an alert to the operational manager of the electronic system.
Are you covered?
Cyber issues can be dangerous and bring your business to a screeching halt. Make sure you protect your business and minimize risk with a cyber liability policy.
A Comprehensive Cyber Liability policy can provide broader coverage for events like ransomware and wire fraud, including the actual transfer of money or security. The insurance experts at CRES will shop the top Cyber insurance companies to find the broad coverage and low premium you need. (We’re now part of Gallagher, one of the world’s largest insurance brokers with access to unparalleled resources for you!)
Contact the team at CRES at 800-880-2747 to discuss coverage options.
About the Author
B. Edward McCutchan, Jr.
Sunderland | McCutchan, LLP
Mr. McCutchan’s practice is primarily civil litigation with an emphasis in defending professionals and businesses in real estate, mortgage brokering, construction, banking and agricultural industries and all phases of dispute resolution through trial and appeal. His area of practice is also agricultural law (viticulture and wineries), trusts and estates, probate, real estate transactions, business law and elder abuse. B. Edward McCutchan, Jr. was admitted to the Bar in 1985 and is admitted and qualified to practice in all California courts and the U.S. District Court, Eastern and Northern Districts of California as well as the United States Tax Court.