When thinking about buying, selling or letting a property – and which estate agent and solicitor to appoint – we’re guessing that most people wouldn’t even consider cyber security as being high on their list of priorities.
For clients of Milne Moser, you’ll be pleased to know that this is something we’ve taken seriously for a long time and have made appropriate steps to protect you, your private information and your finances.
You may reasonably consider online security not to be a big issue for legal firms and estate agents, but recent findings have found that this couldn’t be further from the truth and a warning recently circulated across the UK property industry reported that more and more instances of cyber-attacks are being reported, either targeting agencies or companies associated with the property sales and lettings sector.
Paul Offley, compliance officer at The Guild of Property Professionals, commented: “It seems that the property sector is a prime target among cyber criminals and every few weeks we hear of more cases where businesses have been hacked and someone has got into their system and is trying to defraud consumers.”
Examples of fraudulent activities include criminals who can ‘mirror’ emails, making them appear as though the information sent to clients is legitimate and coming from the firm in question, with the potentially very costly consequences arising from recipients unwittingly disclosing personal and private information.
Michelle Bainbridge is Head of Secretarial Services, Facilities and IT at Milne Moser Solicitors and Estate Agents: “The topic of cyber security was highlighted in the autumn of last year with a ransomware attack reported to have been targeted on one of the UK’s largest online conveyancing firms.”
“According to the property industry press, the impact of this is still to be fully known but, with the firm in question is estimated to be involved in around 5% of residential transactions, the possible implications could be huge for buyers and sellers using their services.”
Partly accelerated by the Covid-19 pandemic but something which was gathering pace beforehand, the world of property buying, selling, letting and associated conveyancing and legal activities has made great strides into the online world, with many estate agencies and solicitors needing to accelerate their own physical and virtual IT systems, their internal processes and procedures, and the associated security systems, accordingly.
“Here at Milne Moser, we have invested significantly over recent years in our internal IT systems across our three offices in Kendal, Carnforth and Milnthorpe, and this investment has now been extended to our commitment to digital security. In the summer of 2021 we achieved our Cyber Essentials accreditation and also attained the Cyber Essential Plus standard.”
What is Cyber Essentials?
Established in 2014 and operated via the National Cyber Security Centre, Cyber Essentials is a relatively simple yet effective scheme, backed by HM Government, that helps protect businesses and organisations against a range of the most common cyber-attacks.
Whilst Cyber Essentials is a self-assessment process, Cyber Essential Plus is a more robust undertaking with a ‘hands-on’ technical verification.
Milne Moser achieved the Cyber Essentials Plus standard in August 2021, with certification awarded by the IASME Consortium (Certificate number: IASME-CEP-004962).
“The criteria for being awarded Cyber Essentials Plus covers scenarios such as would-be internet attackers attempting to hack into our systems, end user devices (EUDs) such as desktops, tablets, laptops and smartphones which can connect to internal resources and the servers on which standard our staff can obtain an interactive desktop environment when working remotely.”
Why is cyber-crime on the increase?
The increase in remote or ‘hybrid’ working has unfortunately proved to be a catalyst for criminals and, where larger organisations were typically targeted, many smaller businesses are finding themselves more susceptible to cyber-attack.
The National Crime Agency reports that there are a growing number of ‘off-the-shelf’ tools mean that less technically proficient criminals are now able to commit cyber-crime, lured by the potential for making a lucrative income.
The types of cyber-crime, according to the National Crime Agency, can vary significantly and include:
- Hacking – including of social media and email passwords
- Phishing – bogus emails asking for security information and personal details
- Malicious software – including ransomware through which criminals hijack files and hold them to ransom
- Distributed denial of service (DDOS) – attacks against websites, often accompanied by extortion
“Everyone working at Milne Moser is fully aware of the standards expected by our Cyber Essentials Plus certification and the highest priority to safeguard the interests of our clients and their interactions with us.” Adds Rebecca Laddell, Partner at Milne Moser Solicitors.
“It’s unfortunate but it’s a fact: cyber-crime is here to stay, and our obligation is to ensure our digital activities are as robust and resilient as possible to protect ourselves and the people who put their trust in us.”
“All Milne Moser staff attend annual training in cyber security, which involves an assessment and a minimum pass rate of 80%.”
“Attaining Cyber Essentials Plus is just the start of this mission for Milne Moser, a benchmark below which we cannot slip. Having made the grade, we are committed to upholding our Gold Standard for our clients by safeguarding their interactions with us in the digital world.”
Milne Moser Solicitors and Milne Moser Property Limited will never notify any client of a change in our bank details by email.
Should you receive any such communication, we ask you to please call 01539 729 786 and speak to our Cashiers department in the first instance as this would almost certainly be an attempted cyber-crime trying to divert a financial transaction to an unauthorised account.
Likewise, we are unable to accept notification of your bank details or a change of those details by email for similar security reasons.
National Crime Agency – The threat from cyber-crime
Gov.uk Cyber Essentials Scheme Overview
National Cyber Security Centre