Why Should Affordable Housing Organizations Invest in Cybersecurity?

Multifamily affordable housing organizations are more vulnerable than you realize, especially with an increasingly remote workforce. Cybercriminals attack housing providers with alarming frequency, using discreet and difficult-to-detect methods to access private systems and confidential data that put residents, employees, and entire housing organizations at risk.

Since 2016, the U.S. has experienced about 4,000 ransomware attacks daily. Cybercriminals don’t just focus on larger companies with deep pockets—70% of ransomware attacks affect businesses with fewer than 1,000 employees.

intro_image
CSresources

Cybersecurity Resources

A collection of fact sheets, checklists, and infographics covering the most urgent cybersecurity topics in the world of affordable housing.

View Resource Page
CSblog

Cybersecurity on the Blog

In-house and contributed articles covering the latest cybersecurity threats, trends, and tips for affordable housing providers.

View Blog
CStraining

Free Cybersecurity Training 

Learn how to assess your organization's cybersecurity approach and train employees to identify and avoid attacks. (login required)

View Training Page

HAI Group Has You Covered

Ready to start your journey to becoming a more cyber-resilient housing organization? Contact a member of our Account Services team to learn about our cyber liability insurance policy and additional cyber coverage options.

Contact Account Services Team
“Everyone is a target, and I cannot stress that enough. Malicious actors are going to find ways to exploit whomever they can. When you look at housing organizations, they often don’t have the resources to protect themselves.”

— Scott Stevens, chief information security officer, Integrity Technology Solutions

 


cyberinfographic_2
Source: PURPLESEC
_0002_GettyImages-1134222510

No End in Sight

Over the last five years, the FBI has received an average of 440,000 cybersecurity complaints per year, and recorded $13.3 billion in total losses.

_0001_GettyImages-1322205512

All Trick, No Treat

According to the FBI, the vast majority of cyberattacks are engineered through phishing schemes, which are aimed at tricking victims into providing sensitive information to scammers.

risk of ransomeware-1

Ransomware Risk

Phishing schemes are commonly used to infect networks with ransomware, a type of malicious software that encrypts data on a computer, making it unusable unless a ransom is paid.

cost of cyber crime-1

The Cost of Cybercrime

The FBI received nearly 2,500 ransomware complaints in 2020, with adjusted losses of over $29 million that don’t account for the business interruption and recovery costs synonymous with ransomware.

 

Real-life Ransomware Scenarios

The examples below show the impacts of ransomware attacks on housing organizations and the public sector:

An attack on a housing organization
left 700 employees and some 55,000
residents temporarily without access to
the organization’s web portal
.
The hacker
also leaked information about dozens of employees online.

A cyberattack infected an entire county, taking the county’s systems offline, according to the FBI. The county had backup servers, but the servers were also hacked because they weren’t isolated from the county’s main network. The county paid a $132,000 ransom, the FBI noted.

A housing organization experienced two successive ransomware attacks, which the organization’s leader described as “a nightmare.” The attacks forced the organization’s employees to retype and scan documents to recoup encrypted files.

Hackers infected a city’s systems and
demanded a $76,000 ransom. While the
ransom wasn’t paid, according to the FBI,
itcost the city an estimated $9 million to remediate the attack and restore services.

A housing organization had its financial data held hostage at a time when the data was necessary for reporting. The housing authority decided not to pay the ransom. The hack still cost the housing authority “both time and stress.”

A county’s computer systems were infected after a user allegedly opened a malicious email link or attachment, according to the FBI. County officials decided to rebuild their systems rather than pay the $1.2 million ransom. The county spent $1 million on new equipment and technical assistance, the FBI said.