Is Your Estate Agency Ransomware Safe?

Cyber security for the UK estate agency

UK businesses have many areas that need to be satisfied in order for them to turn over a healthy profit, develop a strong brand image and stay one step ahead of the competition. It’s a sad fact that in 2022 one element that is often overlooked to the detriment of the business in question is that of cyber attacks.

Highly organised and incredibly intelligent criminal organisations operate with the sole purpose of extorting money from you and your company. I’m not just speaking of small pockets of money. You are looking at potentially losing tens of thousands of pounds, which is a hit that many UK businesses cannot afford to take. 

If you are not prepared, then it is not a question of if but when you fall victim to a Ransomware attack.

What Cyber Threats Threaten your Business?

There are many threats to the security of your business of which Ransomware is just one (all be it a particularly dangerous one). Let’s take a brief look at some of the main threats out there then delve into Ransomware and how you can avoid it.

Sound good?

Great, lets go…

Do your employees use weak passwords?

I’m willing to bet that after reading this section, the majority of our readers will be inclined to change their password:

Imagine some unscrupulous individual has unrestricted access to your company account or email, what damage could they do? 

One of the easiest ways to do this is for them to ‘guess’ your password, log onto your account and literally take what they want or install damaging code that can take your key financial information for example.

How safe is your business password?

If your password contains any of the following then you are easy prey for all hackers out there:

  • Your children’s / partners / pets names.
  • As above but with a number 1 after or 1234 or 1111 (you get the idea).
  • Qwerty (the first four keys on a standard keyboard) this also applies to asdf, zxcv, poiu, lkjh, mnbv.
  • 123456 – over 26 million business people in the UK have this as a password!

 

I know what you are thinking:

Looking at the first two points above, how would a cyber criminal know my children’s, pets, or significant others name?

Remember, we are not speaking about hoodie wearing teenagers in, sitting on a laptop in their less than hygienic bedrooms. They are highly organised social engineers. Such information as mentioned above is very easy for these people to find.

Phishing business attacks

And it is not just Phishmongers who need to protect themselves against a phishing attack (sorry, couldn’t resist). 

Ever receive a phone call from someone who claims to be connected to your business in which you divulge key information, which can be used to gain access to your password or personal data? 

Perhaps you have divulged information and on the back of this you receive an email, maybe a week or two later (long enough for you to forget about the call) that looks genuine enough. You follow a link and hey presto criminals have a back door in to your account do whatever they like. 

Estate agents in the UK are regularly victims of phishing attacks. Consider how big your estate agency team is and the roles and responsibilities that your staff have. The chances are, at its busiest, you operate a fast paced, time sensitive, at times stressful office, with your staff needing access to sensitive information (often on the move). Under such circumstances there are so many opportunities for criminal social engineers to learn your procedures and infiltrate your organisation.

Disgruntled ex employees with an axe to grind

Many estate agencies in the UK tend to have a high turnover of personnel; sometimes employees simply go in search of pastures new and others are compelled to leave by those in authority. 

Without a robust IT system in place, those individuals who once worked for your organisation could cause some real trouble by sharing, removing or even deleting sensitive information.

Ransomware (not if but when)

And we end up back where we started – Ransomware.

Ransomware is a type of malware in which sensitive information is taken from your system and you are forced into paying a hefty ransom (hence the name) to get it back. Over 60% of businesses in the UK closed down within six months of a Ransomware attack (Over 70% within nine months). 

According the ‘Deep Instinct Cyber Security,’ ransomware attacks from 2019 to 2020 increased by 435%. That number is significantly higher now and is leading IT professionals to confidently state that it is not if but when you will be attacked by a ransomware threat. 

How can you protect your business from a ransomware attack?

Unless you run an IT company with this particular specialism, then it is unlikely that you will be able to do anything to protect yourself against a ransomware attack.

So, when enlisting the services of an IT company you want to make sure that they encrypt the data and that the data is stored in highly secure locations, both physical and cloud based (and no, Microsoft 365 is not secure enough). 

In the current ‘break / fix’ culture, in which something breaks and you call your IT consultant to get you up and running again, if your business suffers a ransomware attack, then in all eventuality it is game over, it can’t be fixed. This means that whatever IT company you use needs to operate under a more proactive banner, actively preventing ransomware attacks before they have a chance to raise their ugly head!

I hope you have enjoyed this post and found it useful. 

Munki Business IT is currently offering a FREE diagnostic health check worth £2,000, in which we analyse your systems and processes and security systems, from which you will receive a comprehensive, no obligation report. 

To take advantage of this get in touch below

When is the best time for us to get in touch?