Ransomware Threats in Commercial Real Estate – A Common Cyber Threat

Looking for strong insurance content that is specifically written for your expertise and clientele?

This is an example of content we recently wrote for a Commercial Real Estate Insurance client:

Ransomware threats in commercial real estate are increasingly a concern for real estate portfolio owners and managers. Ransomware is a type of malicious code infecting your computer. It prevents access to your own computer files, usually until you pay a ransom. Restoring your computer’s system and files may successfully combat a ransomware attack. However, many businesses and municipalities pay the ransom to regain access to their information. If ransomware strikes your computer system, you will have to decide whether to pay a ransom or restore your computer. However, payment is never a guarantee that you will regain access to your files.

Signs of a Ransomware Attack

According to CoreLogic, infected sites cause most ransomware attacks. Someone who has access to your system, often an employee, accesses an infected site. Anti-virus software developers have made infected emails rare. However, browser security flaws can lead to ransomware hacks.

Here are some signs of ransomware on your system.

  • Your web browser or computer displays a locked message that includes instructions for unlocking your system.
  • Your file directories display a .txt file titled “ransom note” or similar wording.
  • Your files have new file extensions added to filenames. Some examples include .locked, .locky, .crypto, .vault_crypt, or a longer extension with random characters.
  • Your computer files disappear and then sometimes reappear.

What to Do If Ransomware Infects Your Computer

According to UC Berkeley’s Information Security Office, if you suspect a ransomware attack, immediately take these steps.

  1. Power off all units. Having infected one machine, the malware will infect the rest of your network.
  2. Unplug your system from all networks. Then disable all network adapters, such as wireless interfaces.
  3. Contact your information technology (IT) personnel inhouse or your external IT provider.

What Steps Can You Take to Reduce the Risk of Ransomware?

Here are steps commercial real estate personnel can take to reduce their risk of ransomware attacks.

  • Using similar passwords at work and on social media can lead to ransomware attacks. Make sure your employees know this. You also can reduce or eliminate your social media presence.
  • Realize the Internet of Things (IoT) causes the emergence of new threats. According to TechRepublic, IoT can cause system vulnerability. These IoT include security monitoring systems and remote keys. Home appliances in residential commercial real estate may expose your system to ransomware attacks, according to TechRepublic.
  • Train your employees to increase their awareness of ransomware threats. After initial training, provide employees with frequent reminders and updated training.
  • Conduct “penetration testing,” an attempt to hack into your system by “ethical hackers,” to find vulnerabilities in your system.
  • Ensure your IT personnel update anti-virus protection.
  • Prohibit users from installing and using software you have not approved.
  • A “third line of defense” in the cyber battle is the internal audit. According to Deloitte, “Internal audit should play an integral role in assessing and identifying opportunities to strengthen enterprise security.” Make sure this audit tests the “full cybersecurity framework, rather than cherry pick items.”

Will Your Cyber Insurance Cover Ransomware Threats?

The standard commercial property  and businessowners policies offer limited coverage for computer-related losses. These policies provide coverage for physical loss to computer systems, such as a fire or theft. This is not the case for cyber losses, including ransomware attacks. Policyholders may find that coverage offered to meet  today’s cyber threats is inadequate without a standalone cyber policy.

Today’s standalone cyber policies, however, can offer coverages and endorsements for this type of evolving risk. A 2017 survey by the Risk Management Society (RIMS) revealed that 83% of respondents had a standalone cyber insurance policy in 2016. Granted, RIMS members are usually larger businesses. However, the smaller your business, the more likely you are to have cyber issues. Small commercial real estate businesses may use an in-house or an outsourced IT department. In either case, your IT staff’s skills may be inadequate to meet today’s rapidly emerging cyber risks.

Why risk a catastrophic breach without the proper cyber coverage? Today’s cyber policies that include ransomware risk coverage may offer the following coverages.

  • Ransom coverage for payments made to recover access to your files.
  • Extortion-related expenses such as the hiring of computer experts to help you manage the threat.
  • Restoration costs to reconstruct or repair lost or hijacked data or software.
  • Business interruption coverage for lost revenue due to a ransomware or other cyber incident.

Not all cyber coverage, however, responds to ransomware. Today’s cyber policies can contain a variety of insuring agreements, all which offer different coverages.

What Ransomware Coverages Do Commercial Real Estate Owners Need?

Working with a broker experienced in cyber coverage, here are some of the loss exposures to consider when purchasing a cyber policy.

First-party costs include loss to data, software and hardware. Lost income and business interruption also can occur while your IT department scrambles to undo the damage caused by ransomware.

Third-party costs can include privacy breaches and even stress and mental anguish claims arising from others your breach might impact.

Remediation costs include legal and forensic services. You may need a crisis management firm to help limit public relations damage.

Fines and penalties are a concern if a ransomware attack compromises the intellectual property or the trade secrets of others with whom you do business.

Cyber coverage can be confusing because one standalone cyber policy may contain as many as ten insuring agreements. New insurers enter the market almost weekly with fresh cyber coverage forms. Comparing cyber coverage is difficult even for the experienced insurance buyer. Cyber coverage options also create other questions. How can you evaluate an insurer’s breach support services, its loss prevention expertise, or its claim-handling knowledge? All these elements are crucial to consider when choosing the best cyber coverage.

Working with an experienced insurance broker can help ensure you have the tailored coverage you need in today’s commercial real estate environment.