HAI Group will never demand an immediate payment from you via email, threaten to cancel your policy if you don't wire funds immediately, or ask you to wire a payment when you usually pay by check. Treat emails like these with suspicion, even if they appear to come from HAI Group. If you think an email might be scam—red flags include typos, slightly altered business names, a sense of urgency, and an unfamiliar "reply to" address—please call our finance department at 203-272-8220, ext. 239 to verify the request.

Why Should Affordable Housing Organizations Invest in Cybersecurity?

Multifamily affordable housing organizations are more vulnerable than you realize, especially with an increasingly remote workforce. Cybercriminals attack housing providers with alarming frequency, using discreet and difficult-to-detect methods to access private systems and confidential data that put residents, employees, and entire housing organizations at risk.

Since 2016, the U.S. has experienced about 4,000 ransomware attacks daily. Cybercriminals don’t just focus on larger companies with deep pockets—70% of ransomware attacks affect businesses with fewer than 1,000 employees.


Cybersecurity Resources

A collection of fact sheets, checklists, and infographics covering the most urgent cybersecurity topics in the world of affordable housing.

View Resource Page

Cybersecurity on the Blog

In-house and contributed articles covering the latest cybersecurity threats, trends, and tips for affordable housing providers.

View Blog

Free Cybersecurity Training 

Learn how to assess your organization's cybersecurity approach and train employees to identify and avoid attacks. (login required)

View Training Page

HAI Group Has You Covered

Ready to start your journey to becoming a more cyber-resilient housing organization? Contact a member of our Account Services team to learn about your cyber coverage options.

Contact My Account Executive
“Everyone is a target, and I cannot stress that enough. Malicious actors are going to find ways to exploit whomever they can. When you look at housing organizations, they often don’t have the resources to protect themselves.”

— Scott Stevens, chief information security officer, Integrity Technology Solutions





No End in Sight

Over the last five years, the FBI has received an average of 440,000 cybersecurity complaints per year, and recorded $13.3 billion in total losses.


All Trick, No Treat

According to the FBI, the vast majority of cyberattacks are engineered through phishing schemes, which are aimed at tricking victims into providing sensitive information to scammers.

risk of ransomeware-1

Ransomware Risk

Phishing schemes are commonly used to infect networks with ransomware, a type of malicious software that encrypts data on a computer, making it unusable unless a ransom is paid.

cost of cyber crime-1

The Cost of Cybercrime

The FBI received nearly 2,500 ransomware complaints in 2020, with adjusted losses of over $29 million that don’t account for the business interruption and recovery costs synonymous with ransomware.

Real-life Ransomware Scenarios

The examples below show the impacts of ransomware attacks on housing organizations and the public sector:

An attack on a housing organization
left 700 employees and some 55,000
residents temporarily without access to
the organization’s web portal
The hacker
also leaked information about dozens of employees online.

A cyberattack infected an entire county, taking the county’s systems offline, according to the FBI. The county had backup servers, but the servers were also hacked because they weren’t isolated from the county’s main network. The county paid a $132,000 ransom, the FBI noted.

A housing organization experienced two successive ransomware attacks, which the organization’s leader described as “a nightmare.” The attacks forced the organization’s employees to retype and scan documents to recoup encrypted files.

Hackers infected a city’s systems and
demanded a $76,000 ransom. While the
ransom wasn’t paid, according to the FBI,
itcost the city an estimated $9 million to remediate the attack and restore services.

A housing organization had its financial data held hostage at a time when the data was necessary for reporting. The housing authority decided not to pay the ransom. The hack still cost the housing authority “both time and stress.”

A county’s computer systems were infected after a user allegedly opened a malicious email link or attachment, according to the FBI. County officials decided to rebuild their systems rather than pay the $1.2 million ransom. The county spent $1 million on new equipment and technical assistance, the FBI said.

Free Cybersecurity Services for Public Housing

Register for MS-ISAC, a free service recommended by HAI Group’s security team—and the Department of Homeland Security. Short on time? We recommend starting with the cybersecurity alerts, the MS-ISAC toolkit, and the Malicious Domain Blocking and Reporting (MDBR) service, which can block the vast majority of ransomware infections by preventing the initial outreach to a ransomware delivery domain!