From blueprints and schematics to contracts and expense receipts, you must ensure your data is organized and secure. Unfortunately, construction companies are becoming increasingly targeted by hackers with high ransomware demands. A 2022 article in Construction Executive suggests that construction companies are now the number one target for ransomware attacks but that 84% of companies lack the necessary protections to prevent an attack.
Why have construction companies become targeted and what can you do to protect your assets? We’ll look at recent attacks and what an effective cybersecurity program looks like for your business.
What a Construction Cyber Attack Looks Like
Attacks can take on many forms. Phishing attacks lure users in with fake links and spam emails. Malware infiltrates and corrupts your operating system. In most cases, hackers will install ransomware and demand payment before they restore your data. Here are two recent examples:
In early 2020, Canadian company Bird Construction was hacked by a criminal group called “The Maze.” The hackers stole 60 gigabytes of data and demanded ransom. It’s unknown how Bird ultimately resolved the issue.
In 2021, Skanska, a global engineering and construction firm, had Social Security Numbers and bank account information stolen from more than 5,000 current and former employees. Again, hackers sought ransom for the return of the data.
Why Hackers Target Construction Companies
As construction companies modernize, their increased reliance on technology means an increased risk of cyber attacks. Unfortunately, as most companies upgrade their technology, they fail to upgrade their security measures. An article in Cybereason suggests that construction companies are more likely than any other industry to pay ransoms to hackers.
Here are the other key reasons hackers target the construction industry:
- Communicating over multiple platforms creates vulnerable gaps
- Diversified supply chains lead to third parties with sensitive data
- Inexperience and knowledge of cybersecurity issues
- Weak firewalls and security protection
- Disbelief that data could be a target
- Older, unprotected operating systems
Six Ways to Protect Yourself
Start protecting your construction business against attack with these proven cybersecurity best practices:
-
Update your firewall and antivirus prevention regularly
Your firewall is only as strong as its last update. Outdated software, unclosed patches and older operating systems will leave your network vulnerable to increasingly sophisticated attacks. -
Educate your employees
Train the people who open emails, click links and send communications on how to identify criminal activity and scams. It only takes one misstep to let hackers in. -
Make regular backups
If your data is breached, ensure you have a protected backup point to restore to. This can save you untold time and money. -
Limit access
Limiting who can access sensitive data reduces the risk of that data being stolen. Make sure that only the necessary staff have secured access. -
Practice your plan
What will you do if you find yourself the target of an attack? Make sure you have a plan in place and that your staff knows how to execute that plan when the time comes. -
Partner with IT professionals
Whether it’s an internal IT department or an external consultant, ensure that you have a trusted IT partner watching your back. Keeping up with technology, tracking security trends and updating systems can be a full-time job.
Just as you protect your construction sites against thieves, ensure that your business leaders protect your digital assets against hackers. It only takes one attack to destroy your finances and your reputation. Schedule an introductory meeting today to learn how proactive Managed IT can assist in the fight against cyber attacks.