Skip to main content
main content, press tab to continue
Campaign

Cyber spotlights on the real estate industry: Identify, assess, protect

Dive into cyber spotlights on notable incidents, latest threats, current trends, and tailored solutions for the real estate industry.

This spotlight delivers an overview of the latest cyber risks impacting the sector generally, including recent incidents and emerging threat vectors. We also highlight our specialised insurance solution designed to address the unique cyber vulnerabilities faced by organisations in the industry. Read more from our insights to help enhance your organisation’s cyber risk management approach.

What cyber incidents have we seen from the real estate industry?

The increased frequency of these incidents reflects the heightened cyber risk landscape in the real estate sector. Understanding the scope and ramifications of such incidents will inform your organisation’s ability to effectively develop risk management and transfer strategies

A large Canadian rental company advised tenants that their personal information, including bank account details, was potentially compromised when a third party was able to a gain access to its IT network. Credit monitoring has been offered to affected tenants in an effort to protect those tenants against identity theft.

Read more here

The company confirmed that unauthorised access to a testing server led to the exposure of personal information belonging to 1,313 current and former employees dating back to 2007. The company duly notified affected employees, established a support hotline and rebuilt the affected server.

Read more here

Reports suggest that data was encrypted on 40,000 computers within the company’s network. The business reported, however, that its business operations were unaffected.

Read more here

Cyber insurance claims we have seen from the real estate industry

The following examples show some of the notable real estate cyber claims handled by WTW’s claims team:

phishing

Social engineering: phishing

The insured’s email account was compromised by a third party. Thereafter, the third party perpetrated an impersonation fraud scheme against the insured’s clients by way of invoice manipulation in an effort to divert funds for payment of the insured’s services.

fraud

Unauthorised access to network

The insured discovered that a third party had successfully gained access to their network. They set up accounts administrative privileges in an effort to access the wider network. Fortunately, the insured was able to

laptop-error

Ransomware attack

A ransomware attack was deployed against the insured. Key files were encrypted and a ransom demand was made in return for the encryption key, The insured took remedial action, including voluntarily shutting down its network.

Ransomware

Data breach

Sensitive employee data, including financial information, was inadvertently shared to colleagues within the wider business of the insured.

Source: WTW proprietary claims data


Cyber threats facing the real estate industry

Cyber incidents affecting real estate businesses recorded in the public domain together with WTW’s own claims data, suggest that data breaches, ransomware and cyber crime, all with a motivation towards financial gain, are, at the present time, the prominent cyber risks for the industry sector. WTW’s own claims data and data collated by insurers indicate that the real estate sector is in the middle of the pack in terms of notification of cyber incidents based on industry sector.

Real estate cyber market trends

The real estate industry has continued to feel the benefits of the softening Cyber market throughout 2024. Insurers are continuing to improve their insurance offering by lowering retentions, increasing capacity and enhancing coverage – all with a competitive premiums available.

The Real Estate sector is within insurers’ core appetite on the basis it is seen as a low cyber risk exposure industry, which in turn promotes competitive pricing within the sector.

As with all sectors, there is an expectation of high security controls to be in place as standard for Insureds. There is a consideration that the Real Estate Sector could be seen appealing for cyber criminals, where companies do not invest as much into their IT and Cyber Security controls as Financial Institutions for example.

As with other industries we cannot ignore the impact of global events such as Crowdstrike for various industries. For reference, on July 19 2024 cyber security company CrowdStrike released a flawed software update to Falcon Sensor, their vulnerability scanner that detects system intrusions and hacking attempts. The update disrupted 8.5 million computers worldwide that used the Windows operating system.

Although not directly linked to the Real Estate Sector, the systems outage had a significant impact globally on its customers business operations, meaning businesses were unable to operate for several hours whilst the outage was rectified. Numerous industries were impacted by the outage demonstrating the reliance on IT Vendors and the affect this one incident had on global IT infrastructure. Where real estate businesses rely heavily on digital platforms this is the perfect opportunity to review their Cyber-Security measures to protect themselves for the future.

How WTW can help with identifying, assessing, and protecting your business

SOLUTION

Concerned, confused, or curious?

WTW is here to help you and your organization identify, assess, and protect itself against cyber risks. Our team of cyber specialists, with years of experience in your industry, will provide you with peace of mind, allowing you to focus on your day-to-day role.

Contact us