The cybercrime industry is rapidly making it difficult for cybersecurity to keep pace with technology vulnerabilities. Cyber criminals do not discriminate when it comes to the size of businesses they target. High-profile attacks make the news, but in reality 90 percent of these crimes significantly impact small to medium size companies. What Management Companies Should Know About Cybercrime Fifty to 80 percent of all cyberattacks are aided or abetted by innocent insiders, most commonly through an email message that asks a relevant party to click a link or open an attachment. Some attempts are obvious, but many are carefully crafted, appearing very credible – this is where the success of cyberattacks can reach the high end of the range. The goal of most cybercrime attacks is the theft of private information that is potentially sold on the dark web. Inherently, businesses have the care, custody and control of some type of third-party private information stored either physically or electronically. That responsibility creates a direct cyber liability exposure. Even when the information is transferred to a thirdparty service vendor, the responsible parties will still have at least a vicarious liability* exposure. Community management companies take on the direct care, custody and control of the association’s private information as part of their contracted services. This creates a direct cyber liability exposure for the management company as the responsible 52
Vision Fall/Winter 2017 | www.cacm.org
keeper of this information. The associations they manage typically do not have direct control of the private information, so their risk exposure is generally limited to vicarious liability. However, it is important to consider the cyber exposure of each association to determine their level of control.
Types of Cybercrime that Directly Impact Management Companies Ransomware attacks are the fastest growing type of cybercrime. The infection of prominent websites and downloadable applications has become a common means to attack computers. The latest ransomware virus can leap from computer to computer once unleashed within an organization. It will freeze the computers until a “ransom” is paid (usually in virtual currency known as Bitcoin). The recovery of files is questionable even when the ransom is paid. Management companies are encouraged to establish a strong software backup system to protect against the potential loss of data due to a ransomware attack. Cloud computing technology is a very appealing infrastructure platform that is
Are Types of
