E-conveyancers ‘investing heavily’ following UK cyber attack

Australian-based e-conveyancers PEXA and Sympli have confirmed that they are investing heavily and taking the necessary precautions to avoid being struck down by a similar cyber attack that hamstrung their UK counterparts CTS.

Last week, British property buyers had their home completions left in limbo as CTS, an e-conveyancing firm that provides “IT solutions shaped for law”, saw its networks go down due to a cyber attack.

In an update on its website, the organisation confirmed that it “recently experienced a cyber incident, which impacted a portion of the services we deliver to some of our clients”.

CTS stated that after the incident it had been “working around the clock with the assistance of third-party experts to resolve this matter” and also touted a four-step plan to return its services to clients.

It commented: “We established a four-phased plan, which would enable us to restore client services as safely as possible. We have successfully completed phases 1–3 and are now at phase 4, which is the restoration of client environments.

“Phase 4 is a complex exercise and may take some time. We remain in contact with our clients and are keeping them informed as we progress through this final phase.”

The British Broadcasting Corporation (BBC) stated that the downtime of CTS’ systems impacted approximately 80 law firms, affecting countless property buyers looking to complete their purchases.

In response to the cyber attack chief information and technology security officer at Australian-based e-conveyancer PEXA, David Willett, responded: “PEXA has been investing heavily in the resilience of our technology platform for years. This is not new to us.

“We are taking several steps to ensure we remain vigilant against the risk of cyber threats, both as a company and as an industry.

“At a minimum, we meet and exceed ISO270001 standards. We have a dedicated global security operations and threat intelligence team who are constantly monitoring for potential threats or our platforms, customers, and businesses 24/7 – both here and in the UK to ensure we can think globally and act locally.”

Mr Willett added that the PEXA system was designed to be resilient, with its “cloud-native solution with robust backups that are tested regularly”.

He said the organisation could “isolate an issue in one area of the (PEXA) Exchange without turning the lights off in other areas to minimise any customer impact”.

Furthermore, Mr Willett commented that PEXA was not only focused on its own resilience, but that of the industry.

“We believe in creating a culture of shared accountability – PEXA is focusing on cyber resilience as an ecosystem,” he added.

“We are working with banks, registrars, customers, and our partners so that all industry players are doing their part to protect themselves while working together to respond to customers in the event of an attack.”

Chief executive of fellow Australian e-conveyancing technology provider Sympli, Philip Joyce, stated that the organisation had a “core focus of its operations on cyber security defences, with proactive and comprehensive cyber security strategies and adheres to stringent standards and regulatory cyber security requirements for data and cyber security for its network and network users”.

Mr Joyce commented: “Sympli continuously aims to further enhance network resilience against potential cyber threats, highlighting our unwavering commitment to the security and trust of our stakeholders and users, while building upon established cyber security controls.”

He added that for greater protection of the nation’s e-conveyancing network interoperability was needed.

Mr Joyce noted: “If we look at Australia’s e-conveyancing market, which last year moved more than $800 billion in property with more than 4 million transactions, it is currently dominated by a single monopoly operator, which has almost 100 per cent coverage of the market.

“With such a dominant operator in the market, this gives rise to the risk of a single point of failure across the entire network.

“This is part of the reason why industry and government have been driving interoperability competition reforms (networks speaking to each other) for the benefit of subscribers and consumers.

“Interoperability will mean an additional set infrastructure is available in the case of a system outage or a cyber attack, which will drive greater security and resiliency across the network.”

[Related: PEXA ‘welcomes competition’, disputes current interoperability view]