Real Network Hack Attacks

The Real Estate Espresso Podcast

Real Network Hack Attacks

Spotify Google Podcast Apple Podcast Subscribe via RSS Leave a Review

Welcome to the Real Estate Espresso Podcast, your morning shot of what’s new in the world of real estate investing. I am your host Victor Menasce.

On today’s show we’re talking about network security and the importance of cybersecurity in today’s connected world. But first, I’d like to invite you to a webinar next week on December 16th. We’ll be demonstrating the use of our new AI tool, which we’re affectionately calling Victor AI. This is our own custom language model which is built on top of ChatGPT. We trained Victor AI with the contents of the Real Estate Espresso Podcast and my book Magnetic Capital. The results are the difference between going to a family doctor versus going to a specialist. The specialist is always going to give you a more detailed and more precise answer. Click on the link in the show notes and we’ll talk to you on December 16th.

On today’s show we’re talking about network security!

This week we commissioned a brand new network for a new apartment complex. The devices on the network were all installed in the early morning of Friday, December 5th. At that time we implemented security protocols that were designed to keep hackers at bay. As part of that configuration we disallowed certain types of network traffic that could represent risk to the integrity of the network and devices on the network. And no sooner than the new network had been commissioned when our new network filters detected attempts at the banned network traffic. The destination of these packets was on a network based in China. The threats on the internet are very real. This happened in less than a day.

I am going to give you an example from back in December of 2023, two years ago. There was a data breach of a real estate database containing one and a half billion records of property ownership information across the United States. The database belonged to a real estate wealth network based in New York City. The folders contained information on property owners, sellers, investors, and what appeared to be internal user login data.

Now in the U.S., property tax records are generally considered semi-public records. That doesn’t mean there is full public access to ownership information. There are no central record-keeping agencies or one single place to access property tax information across the entire country. Among the 50 states there’s three thousand one hundred and forty-four counties, each with its own local government at the city level, the county level, and the school districts that collect property taxes, and each one has its own policy for storing and insuring property tax data.

The records are physically stored in each individual jurisdiction. Some locations even require an in-person visit to access the property tax records. Now some localities do have websites or online portals where limited property tax information can be obtained. The ease of access or availability can vary drastically from one state to another, or even amongst counties within the same state.

This particular database consolidated the entire nation into a single place, making it much easier to search anyone’s property information by name instead of searching by address or property ID. Now the security specialist who found the data breach quickly found information about his own home that was not publicly available. He then searched the records of numerous celebrities and well-known individuals. He was able to see their street address, the purchase price and the date they bought their home, the mortgage company, the mortgage loan amount, tax ID numbers, taxes owed or paid or due, and tons of other information.

Now you might be thinking, well this is not such a big deal after all. This information is publicly available in many counties. But what if that database was an investor database containing Social Security numbers? A breach doesn’t have to disclose that much private information to be damaging. I mean, think of it like pieces of a puzzle. You can use partial information about an individual from one source to gain access to other pieces of the puzzle from other sources, and before you know it you have enough information to conduct a pretty convincing identity theft.

For real estate investors that can be a big deal. In fact, in 2022 the FBI identified that 11,578 cases of real estate fraud caused $350 million in losses in just one year. That means the number of real estate fraud cases increased about 20 percent since 2017.

Now property fraud is a multi-step scam that first involves stealing a homeowner’s identity and then forging ownership documents. The crook doesn’t ever need to come in contact with the owner. Criminals could identify properties that are owned free and clear or have a large amount of equity. Then they would forge documents and submit them to the local clerical courts where they could transfer the property, where it might be recorded in the county’s public records. The county clerk doesn’t verify that the transaction is correct. They only verify the documents comply with the filing requirement. So there’s virtually no verification if the sale is legitimate or accurate.

As real estate investors we do maintain sensitive records for properties and for other investors. We need to take the potential of a data breach seriously. In the current environment your network is being attacked each and every day. The most common automated hacks are attempting the simplest of vulnerabilities, the ones that take a minimum of computing resources in order to penetrate the security perimeter. But with the advent of AI and the use of AI agents, network assaults are becoming much more sophisticated. A single vulnerability can be easily found by an AI agent. That means that security patches become more important than ever, and you have to really pay close attention to your network security.

Now most business owners don’t give network security much of a second thought. They are not IT specialists and they don’t have an IT department that keeps their network and computers secure. Real estate investment companies are targets for hackers because the dollar amounts involved in this business are fairly large. The consequence of a data breach can be pretty severe.

As you think about that, maybe consider hiring a security specialist to do an audit of your systems and network.

Have an awesome rest of your day. Go make some great things happen. We’ll talk to you again tomorrow.

Stay connected and discover more about my work in real estate and by visiting and following me on various platforms: