Last year, with an alarming increase in ransomware cyberattacks and a series of high-profile attacks in May, the White House issued an executive order declaring cybersecurity a national priority, along with directives to better protect against cyberthreats.
All organizations are susceptible to ransomware. Therefore, it is critically important that REALTOR® associations and MLSs are vigilant with their cybersecurity and have mitigation measures in place.
What Is Ransomware and How Does It Work?
Ransomware attacks are usually carried out through phishing schemes (e.g., via email or text message), stolen access credentials, or software vulnerabilities. Once attackers are inside your network and system, they install malware that encrypts your files or computer system, making them unusable. The criminals then demand a ransom in exchange for the decryption key—and may even threaten to share or expose your sensitive data to apply more pressure. This scheme is so effective that it has netted criminals lucrative payments of millions of dollars.
Be Proactive, Not Reactive!
The key to protecting against ransomware and all other cyberattacks is to be proactive and diligent. There is no silver bullet or quick and easy formula. Here are seven general steps your organization should implement to combat ransomware and other cyberattacks.
Step 1: Bolster Your Cybersecurity Front Line
Your staff members are your front line, so you should provide them with training to raise their awareness of the risks of visiting suspicious websites, clicking on questionable links, and opening fake attachments. They should also be required to create strong and unique passwords that are routinely updated. Your organization should also use multifactor authentication for as many services as possible.
Step 2: Implement Cybersecurity Best Practices
Since using old versions of software makes organizations easy targets for ransomware attacks, automate your software security scanning and updates when possible. Timely patches and updates of both computer operating systems and software can minimize your vulnerabilities.
Step 3: Back Up Your Data
Identify and then back up any data and files you need to run your essential operations. Follow the “3-2-1” backup strategy: Have three copies (production and two backup copies); two different copy modes (cloud and disk); and one copy that is off-site. You should also regularly test your backups to make sure they’re working and accessible. Your backup data and files will ensure your organization can continue its essential operations even in the midst of an attack.
Step 4: Know Who Has the Keys
Be aware of which vendors and third parties have access to your network and sensitive files. Before granting access, require them to warrant that their cybersecurity practices meet industry standards and fulfill your requirements, and that they have sufficient cyber insurance. Perform routine audits so you know to cut off network privileges as soon as they are no longer required.
Step 5: Test Your Cybersecurity
Schedule routine tests to confirm that your cybersecurity measures follow industry standards and ransomware guidelines from organizations like the Cybersecurity and Infrastructure Security Agency, which published a ransomware guide in September 2020. This is also a good time to ensure your backups are accessible and working. You may even consider retaining a cybersecurity consultant to help conduct testing.
Step 6: Have an Incident Response Plan
An incident response plan will help your organization navigate a chaotic situation in an orderly fashion. Critical decisions can be predetermined, which will save time and energy for those complex issues that are hard to predict. It can be a stand-alone plan or a part of a larger disaster recovery plan, but be sure to review your incident response plan with your leadership and response team to protect your organization from analysis paralysis and ensure better coordination and effective management. For more information and help with creating and updating your plan, associations and MLSs should visit NAR's Disaster Preparation Resources.
Step 7: Secure Maximum Protection
REALTOR® associations and MLSs that participate in the National Association of REALTORS® insurance program are provided cyber liability insurance. However, excess insurance coverage can also be purchased by applying for it before April 1. Based on state law and the sensitivity of the data each collects and stores, associations and MLSs should consider whether excess insurance coverage would be prudent.
By following these recommended steps, your organization will be diligent, proactive, and prepared in protecting itself against the constant threat of cyber attackers.