Roundtable Weekly
Russian Aggression Raises Cybersecurity Concerns for CRE
March 5, 2022

Russian aggression against Ukraine has included cyberattacks that could potentially spill over to U.S. networks that serve commercial real estate. (GlobeSt, March 2)

Spillover or Direct Threats 

  • Since the imposition of American sanctions, direct Russian retaliation to U.S. networks could include malware, supply chain disruption and cyberattacks on critical infrastructure. (The Hill, March 3)

  • Senate Intelligence Committee Chairman Mark Warner (D-VA) recently told Axios that Russian cyber weapons inside Ukraine could spread to NATO member states. In 2017, Russia's NotPetya malware was unleashed in Ukraine, causing billions of dollars in damage to companies worldwide. (Axios, Feb. 23)

  • "If you're suddenly having 190,000 troops attack Ukraine, chances are that the cyberattack will not be a single piece of malware," Warner told Axios. "The chances of that staying within the Ukrainian geographic border is quite small. It could spread to America, could spread to the U.K., but the more likely effect will be spreading to adjacent geographic territory [such as] Poland." (Axios, Feb. 23)

  • GlobeSt on March 2 addressed potential cyber threats to CRE. “The largest vulnerabilities for real estate companies are systems such as HVAC, elevators, lighting, metering, parking, and physical access control,” according to Tom Shircliff of Intelligent Buildings.

  • Homeland Security Today also reported in January about a cyberattack on a German engineering firm’s building automation system that locked the owners out of the system and rendered three-quarters of several hundred devices in the building nonoperational. 

CRE’s Response 

  • The RE-ISAC has also worked with InfraGard National Capital Region (InfraGardNCR) to establish the Commercial Facilities Cyber Working Group (CCWG), a virtual effort to share cyber threat intelligence. The group shares threat reports, ransomware victim examples, and other information on a regular basis. 

  • RE-ISAC Managing Director Andy Jabbour interviewed James Whalen, Boston Properties’ SVP, Chief Information & Technology Officer, on the steps commercial real estate companies are taking to meet cybersecurity threats. (Gate 15, March 23, 2021 and Blended Threats: Holding Buildings Hostage)

FBI Recommendations 

This week, the FBI recommended organizations take the following steps:

  1. Review recent cybersecurity advisories, such as the Department of Homeland Security’s recent “Shields Up” warning that urged “all organizations – regardless of size – adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.” (TechCrunch, March 2)

  2. Know your networks, especially if you have even a tangential relationship with Russia and surrounding countries.

  3. Know your Cyber Incident Response plan. If you don’t have one, you should. Make sure the FBI and info sharing are embedded in that plan. Lower your thresholds for reporting.

  4. Report mis-, dis- and malinformation, a tried-and-true tactic of the Russian government, including on your social media.

  5. In the event of a compromise, call the FBI.

The Real Estate Roundtable’s Homeland Security Task Force continues to work with key law enforcement, intelligence agencies and the RE-ISAC on protective measures that businesses can take to create infrastructure resistant to physical damage and cyber breaches. (Information on joining the RE-ISAC)   

#  #  #