Colliers International Group Pwned By Hackers

It’s January 2021 and the pwange by hackers continues.

Toronto-based commercial real estate services and investment management firm, Colliers International Group, has acknowledged it was the victim of a cyberattack but isn’t disclosing whether the incident was ransomware, following a listing on the dark web by the Netfilim ransomware gang.

“In November 2020, Colliers’ information technology team discovered a cyberattack to the company’s IT infrastructure in North America,” company communications director Pamela Smith said in an email. “Thanks to the immediate and decisive actions taken by Colliers’ IT team, the impacts on business continuity were limited. Colliers conducted a comprehensive investigation with the support of leading cybersecurity experts in an effort to determine what data may have been impacted during the recent event. Colliers continues to monitor the situation closely and will continue to notify affected individuals or organizations. The Colliers IT network is secure, safe and fully operational at this time.”

The spokesperson was mum when asked to confirm if the attack was ransomware, that files had been copied, whether the information affected was corporate or personal, and, if personal, did it involve current and former employees.

Well, that does not inspire confidence in the slightest. When someone refuses to answer questions about a hack, it’s usually never good.

David Masson, Director of Enterprise Security for Darktrace had this to say:

While exact details on the attackers’ modus operandi is yet to emerge – this latest attack comes as no surprise.

We have entered a new era of cyber-threat where attackers act in more targeted ways than ever before. As sophisticated threat actors work to disrupt not just financial stability, but company reputation, the potential damages of a cyber breach have never been more devastating.

All industries have sensitive data to protect, and rather than simply stealing it, attackers are now looking to weaponize that data in ways that benefit them. Ransomware gangs have upped their tactics from simply locking up private info in exchange for payment to now releasing it, causing embarrassment and reputational damage, and using it as blackmail.

Beyond stealing or exposing data, businesses need to be on high alert for what we call ‘trust attacks’ – we are seeing an increase in attacks where hackers go after data not only to extort ransom payments, but to actually change the data and undermine its integrity – or use disinformation to smear a brand. For the real estate industry, there is a very real danger that data stores can be deliberately tampered with undermining transactions and redirecting funds into their own accounts. Next generation attacks like these are increasingly outpacing security teams and require sophisticated defenses and AI to respond instantaneously when they strike.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: