HYDERABAD: The real estate and construction sectors are among the top targets of ransomware threats, just behind the manufacturing and IT industries, cybersecurity experts pointed out at ‘SHIELD-2025′, organised by the Telangana Cyber Security Bureau (TGCSB) and the Society for Cyberabad Security Council (SCSC) in association with The Times of India on Wednesday.
“The manufacturing and professional, scientific and technical services sectors account for 19.15% and 15.6% of cyber attacks, respectively, while the construction and real estate sector accounts for 7%,” said Pradhasaradhi Chintalapati, a cyber security expert at Arete Incident Response, a cyber threat management company.
Experts pointed out that the increasing digitisation of real estate processes has made sensitive data, including homebuyers’ personal details, property records and banking information, vulnerable to cyber threats. They noted that once this data is accessed by cybercriminals, it can be used in a variety of ways to deceive buyers and commit financial fraud.
“Cybercriminals can use the stolen information to target buyers with convincing phishing emails or phone calls, tricking them into revealing more sensitive information or making payments to fraudulent accounts,” said Ashfaque Ansari, associate director and head of IAM India at Qualcomm.
Experts explained that bank details in the wrong hands could allow unauthorised withdrawals or transfers. In addition, access to property records could allow criminals to forge ownership documents, potentially leading to illegal sales or fraudulent transfers of property titles.
Badiga Srikanth, group director at Qualcomm, suggested that companies in the real estate and construction sectors, as well as other industries, should adopt a decentralised approach to data storage to minimise vulnerabilities.
“We ensure that no data is stored in a single location. Instead, information is distributed across multiple platforms, each protected by different firewalls. This way, even if a cybercriminal gains access to one part of the system, they will only be able to retrieve limited details such as names, while critical data remains protected elsewhere,” said Srikanth.
