Quorum Cyber’s Threat Intelligence Consultant Craig Watt shares his thoughts on the biggest cyber security threats to the housing sector.

Research shows that financially motivated cybercriminals have actively targeted the housing sector in recent times. Housing organisations are highly desirable targets for cybercriminals of all sophistication levels due to the large quantities of stored sensitive customer data, including legal, financial, and personally identifiable information (PII). For the first half of 2025, worldwide housing sector cyber targeting breaks down into four types:

Ransomware (40.5% of total cyber-attacks)
Data breaches (30.9%)
Distributed denial-of-service (DDoS) (14.3%)
10 defacement efforts (14.3%).

The key cyber risks for housing associations

Of the wide array of attack vectors available to cybercriminals, ransomware attacks and accompanying data breaches have emerged as the most prominent. We have assessed this is likely to be due to the potential for the sought after sensitive data to be leveraged for financial extortion. Criminals also perceive a lack of cyber security awareness in the workforce.

Quorum Cyber’s Threat Intelligence team has also detected consistent trends that explain the surge in ransomware attacks against the housing sector.

Ransomware operators are continuously developing their capabilities to remain relevant within the cyber threat landscape and to increase the yield of illicit revenue. This has included pivoting to more aggressive extortion methods, as well as crafting more malicious payloads allowing for the targeting of more operating systems, including Linux, compared to the typical Windows-based attacks of the past.

Phishing campaigns remain popular too, since this attack method, which involves the delivery of emails embedded with malicious links, is inexpensive, convenient to deploy and easily spreadable. In addition, we’ve discovered a recent trend of housing sector companies being targeted by watering hole attacks. This is when threat actors apply social engineering techniques against victims by tracking their online movements, thereby generating a behavioural pattern of the most frequently visited websites. The threat actor subsequently targets these sites via known exploits or a zero-day flaw and waits for the target to visit the now-compromised website on their own accord, thus leading to a potential third-party compromise.

Finally, given that a significant portion of housing providers depend on third parties to supply services such as IT management, the threat of supply chain attacks is worth mentioning. As organisations continue to strengthen their cyber resilience, threat actors have increasingly launched their attacks further along the supply chain, attempting to infiltrate third-party suppliers as an indirect mode of access into their primary target.

Impact of a cyber-attack

Unfortunately, housing providers are likely to suffer from a variety of consequences following a successful cyber-attack, including intruders accessing organisational data, loss of service, financial loss and any resulting reputational damage. Fortunately, there is a lot that can be done to prevent the worst from happening.

How to defend against these threats

It is critical for housing companies to understand how to defend themselves against the threat of compromise from cybercriminals. Here are three key actions they can take:

1. Reduce the threat by detecting it in the early stages through the utilisation of an effective and monitored endpoint detection and response (EDR) solution. An effective EDR tool will block ransomware attempts once detected. Organisations can also perform routine back-ups of sensitive data that is required for business operations and to keep a copy offline in case back-ups are impacted by the attack. Therefore, if a breach occurs and the business can no longer function, a back-up is ready to use, and the business can continue to operate with minimal disruption.
2. To defend against phishing attempts, it is vital for a number of protocols to be followed including enabling multi-factor authentication (MFA), enforcing strong password policies, and training employees in how to detect markers of malicious emails.
3. Finally, to defend against the ever-present threat of supply chain compromise, it is critical that housing companies ensure that their software is up to date and that security patches are applied as soon as they are available to prevent malicious cyber actors from gaining access to their network.

Start solving your cyber security challenges today

With our comprehensive portfolio of services, from managed security, data security and Cyber Resilience Assessment (CRA) through to Incident Response Preparedness and Incident Response Retainer, plus a whole range of professional services including Offensive Security, you can rest assured that we can help you solve any cyber security or data security challenges your organisations faces.

Contact us today to find out how to strengthen your cyber security posture and defend your organisation from cyber-attacks.