Construction Firms are Ransomware Targets. Take Precautions Now.
Did you know that among all industries, construction is number one when it comes to being victimized by ransomware? Increased tech adoption and predictable schedules make construction particularly vulnerable. Bouygues Construction and Bird Construction have both had to navigate cyberattacks, and it can happen to your business.
Ransomware and Other Attacks
Ransomware attacks occur when cyberthieves break into corporate systems and encrypt the company’s data so it can’t be accessed without a decryption key, which the attackers hold. They demand money (or a ransom) to release the key, effectively holding the company hostage. Businesses often have little choice but to pay the ransom if they want to access their systems and data.
But ransomware isn’t the only cybersecurity threat construction firms face. Malware, business email compromise, and siegeware—which specifically targets smart building technology—are other major threats to contractors and construction firms. Successful cyberattacks can lead to costly downtime, workforce injuries, breaches of intellectual property (think sensitive blueprints and schematics) and bid data, and property damage due to compromised equipment.
Some small and mid-sized contractors believe they are at less risk from cyberattacks like ransomware than large contractors because they have less revenue. The opposite may actually be true: large contractors have greater resources to devote to cybersecurity defense, so hackers often concentrate on small and mid-sized firms they believe will be easier to penetrate.
Cybersecurity experts warn that siegeware could be the next big cyberthreat to construction firms given how much technology is built into facilities today. They report that cybercriminals are trying to hijack the automation systems of smart buildings. When successful, hackers gain access not only to the target building but to other buildings it is connected to virtually.
IoT (Internet of Things) devices, such as those used for worksite security and machine control, present particular challenges to smart building owners. Cyberthieves can hack into IP cameras to observe worksite behaviors and examine materials to help plan an attack. They can also use drones to exfiltrate sensitive data from construction sites and interfere with work.
Causes of Data Breaches
According to the 2021 Verizon Data Breach Investigations Report, more than two-thirds (67 percent) of all confirmed data breaches were caused by leaked user credentials, misconfigured cloud assets and web applications, and social engineering attacks like phishing and spear phishing. Therefore, the first step to preventing cyberattacks is implementing a series of controls focused on these areas.
Start with employee education. Eighty-five percent of all data breaches involved a human element, according to the Verizon report, so you should provide comprehensive cybersecurity training to all employees—especially those with access to sensitive corporate information. All it takes is for one employee to open an attachment with malware or click a fraudulent link to open the cyber floodgates to criminals.
For example, teach employees how to recognize fraudulent emails and instruct them to never open attachments from unfamiliar sources or click suspicious links. Make sure employees understand the importance of setting strong passwords and keeping them secure. And instruct your accounting employees to confirm all wire transfers over the phone before initiating them.
Here are five more cybersecurity steps to consider:
- Test your cyber defenses. One way to do this is to conduct penetration, or “white hat,” tests periodically. In these tests, an outside entity (preferably a security consultant) will probe your IT system for weaknesses and try to hack in. Experts suggest conducting tests at least annually to uncover weaknesses in your cyber defenses so you can patch them.
- Back up your systems regularly. This is the best defense against a ransomware attack because if your data is backed up, the hacker has no leverage. Also keep your software and operating systems updated with the latest security patches. The best way to do this is to enable automatic updates.
- Focus on remote security protocols. This has always been critical for contractors given how much work takes place in the field, but it has taken on added importance due to the growing number of employees who are now working remotely. Make sure remote employees’ home Wi-Fi networks are secure and that antivirus software is loaded onto their digital devices. Also consider installing a virtual private network (VPN) for remote workers to use.
- Ask your vendors about their cyber defenses. Given the interconnectedness of today’s world, your firm’s cyber defenses are only as strong as those of your vendors and partners. Find out about their cybersecurity practices by having vendors complete a Service Organization Controls, or SOC 2, report. This will detail which types of controls vendors have in place to guard against cyberattacks.
- Create a cyberattack incident response plan. No matter how robust your cyber defenses, there’s still a chance you might suffer an attack. You need a detailed plan of action to minimize damage. The plan should explain in detail the procedures you will follow in the aftermath of an attack, including which employees are responsible for which specific duties.
Make It a Priority
The cost and lost work time resulting from a ransomware attack can be painful for a business of any size. Investing resources in prevention and security can pay huge dividends. It’s not as if the threat is going away — if anything it’s getting worse. That means the time is now to pursue these steps and consult with experts who can safeguard your business’s data and finances.
Dembo Jones’ construction specialists can help ensure your firm has the financial resources to navigate business challenges, helping you prepare for the worst while ensuring you have the proper plans in place to recover and thrive should the unexpected occur. Contact us today.