What real estate agents and brokers should be doing about WannaCry

Are you running any business software or storing data on a computer that’s using a Windows operating system? Then you’ll want to read up on the latest cybersecurity attack and make sure you’re taking steps to protect yourself (and your real estate clients) from hackers.

Last week, a ransomware attack began infiltrating computers all over the globe; by the end of the day Friday, an estimated 57,000 devices in more than 150 countries were affected, and that’s spread to more than 200,000 devices by this morning. Widely known as WannaCry, the ransomware (Wanna Decryptor, also known as WannaCrypt and WanaCrypt0r) does basically exactly what the name indicates: It holds all the files on your computer for ransom until you pay up.

WannaCry cast a wide net for targets, including:

• FedEx, the shipping giant
• Deutsche Bahn, the German rail network
• Telefonica, a Spanish telecommunications operator
• Russia’s interior ministry
• The National Health Service in Britain

It’s far from the first time that hackers have done something like this, but it might be the first time they used an operating system vulnerability that was stockpiled by a government agency — in this case, the National Security Agency — that was then stolen and used to craft this attack.

Why attack?

Cyberattacks that hobble some businesses while they work to restore service or access aren’t new — last October, a distributed denial of service (DDoS) attack on one of the Internet’s biggest hosts, Dyn, took down not only websites like Amazon and Reddit but also Zillow and various real estate productivity tools (for example, the Arizona Association of Realtors’ eSign business tool, powered by GoPaperless, was taken offline during the DDoS attack).

And in January at Hacker Connect, keynote speaker Molly Sauter explained how the proliferation of smart home devices was only going to make attacks more common.

Hackers launch these attacks for a variety of reasons:

• To express displeasure against specific targets
• To take down a competitors’ website
• As an extortion technique — “Pay the ransom or we’ll take out your website” — which is exactly what WannaCry is doing
• To divert attention from another activity that the hacker might be doing — such as stealing data

Brad Smith, Microsoft’s president and chief legal officer, wrote in a blog post yesterday that this stockpiling of software vulnerabilities “is an emerging pattern in 2017.

“We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world,” he added. “Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage.”

How to prepare…

Marvin Stone, the senior vice president of business integration at Stewart, offered several tips for agents and brokers who want to make sure this doesn’t happen to them based on an Inman Connect New York session.

He advises agents and brokers to understand the environment in which a real estate transaction unfolds and to know all of the partners involved — and their level of trustworthiness. “If you have weak partners that don’t have good security practices, that can certainly affect you as an agent,” he noted.

Krishna Malyala, a real estate agent and the CEO at TLCengine, noted that the interdependency of products (including real estate products) means there’s sometimes “a weakest link for redundancy.” That’s why when a service like Amazon’s S3 web storage service starts having problems, you see ripple effects on websites like Quora and in apps like Slack.

Stone also believes that agents (and brokers) need to use business-grade technology — beware the router built for a residential space that never got the default password changed, for example.

“At DEF CON (the world’s longest running and largest underground hacking conference), it was demonstrated that just about every Wi-Fi router can be hacked immediately by even a novice hacker because most people never take the time to change the factory admin password on their router,” wrote web development company founder Casey Wright in an Inman post about cybersecurity. Agents should (at least) change the admin password and hide the SSID on routers; you can find instructions for how to do it on Google.

Stone also suggests that agents follow best practices for equipment, like downloading patches from OS providers and upgrading hardware and firmware as suggested.

In his blog post, Smith noted that Microsoft released a patch to Windows systems two months before the attack — but many Microsoft customers didn’t update their systems, and so their machines were still vulnerable weeks after the fix became available.

For that reason, Smith said, “cybersecurity has become a shared responsibility between tech companies and customers…. As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems. Otherwise they’re literally fighting the problems of the present with tools from the past.”

Stone said that technology training needs to be regularly updated, “because the bad guys have discovered real estate and that’s where the money is,” and their tactics are always evolving. “Make sure you keep up with that,” he suggested.

And brokers need to audit policies and procedures, he said, “to make sure the things you set forth in your policies and procedures are actually being taken care of.”

You should also make sure you’re backing up all of your data — whether that’s to an external hard drive or a printed spreadsheet.

John Moscillo, founder of More GCI and a Re/Max Insight agent, said that he backs up all of his documents and “loops.” “When there was an issue several months back that took down dotloop, we kept right along,” he noted.

“Everything in my CRMs are also in a spreadsheet,” he added. “It goes into the spreadsheet first, then the CRM.” Moscillo does this to ensure he can always access the data — and also just in case he wants to upload his data to a new service.

Keller Williams broker associate Anthony Clark says that in his office, “we keep a paper file with the more recent version of each document in our office,” and they download their databases “routinely” — every month.

“Other than that, I just figure it is what it is if it ever happens,” he said.

…And what to do if you didn’t

Hopefully, you’ve backed up your files, because that will mean you aren’t losing everything as a result of a hack.

However, if you didn’t bother backing up your computer and WannaCry has locked up the files, then the ransomware will probably live up to its name. Experts are recommending that affected users refrain from paying the ransom — they say there is no evidence that your files or data will be restored.

It’s possible that a technician might be able to restore some of your files, but in this case, the best defense might be planning your next offense — and making sure your router is secured and your software is up-to-date. Because this certainly won’t be the last time hackers try to mess up your day.

Email Amber Taufen

Like me on Facebook! | Follow me on Twitter!