By Lindsay Timcke of CliftonLarsonAllen
Originally published October 2, 2023
Encryption software firms’ research reveals that the construction industry is at the highest risk of being targeted by ransomware attacks.
In 2021, Nordlocker, an encryption software firm, analyzed 1,200 companies to discover which industries were affected by ransomware attacks the most. The construction sector was revealed to be targeted the most out of the 35 industries analyzed. This rate of ransomware attacks has only gotten worse since then. As in 2023, Nordlocker disclosed that the construction industry suffered the largest amount of ransomware attacks from Jan. 2022 to Jan. 2023.
Industries globally have steadily grown in their reliance of digital technology every day. Since the pandemic, that reliance has increased even more, forcing industries that don’t usually pay attention to the digital world to allocate more resources towards ensuring appropriate cyber security. Cybercriminals see the construction sector as a potential weak and easy target to attack. The industries reliance on computer-aided design (CAD), building information modelling (BIM), and cloud-based tools for collaboration has ensured a poor security posture in the industry. Many of these organizations have little to no cybersecurity plans and inadequately trained employees when focused on identifying cyberattacks.
Now, what is ransomware? According to the National Institute of Standards and Technology (NIST), ransomware is defined as a type of malicious attack where attackers encrypt or lock away an organization’s data and demand payment to restore access. After a company has been compromised by ransomware, there aren’t many options available to mitigate the financial loss. While they can pay out what the attacker demands immediately, which, according to Egnyte, an enterprise file sharing leader, there is no guarantee the ransomware will be removed. However, the payment is relatively inexpensive compared to the financial loss an organization will face as their business operations are shut down indefinitely. These attacks cost companies an average of $4.44 million per breach and damages their reputations.
Another cyber risk affecting the construction industry is fraudulent wire transfers. As in almost every industry, social engineering and phishing scams are one of the most frequent and effective methods of scamming and hacking. Through methods of impersonation and compromised business emails, attackers will often target the construction industry’s online financial transactions. Cybercriminals will attempt to impersonate an authoritative individual at an organization (like a CEO) and speak or write with urgency to appear legitimate and ensure the victim does not second guess the wire transfer.
The construction industry faces frequent attacks that attempt to steal their intellectual property and private data. Cybercriminals commit data theft because sensitive banking information such as SSNs, credit card numbers, personal information of employees, vendors, and customers hold such high value to other criminals. Additional reputational damage that accompanies data breaches further burdens construction companies. Furthermore, any blueprints, designs, methodology, patents, or any other intellectual property that is invaluable to each unique company, is at serious risk if appropriate steps to mitigate the mentioned cyber-attacks are not taken.
Top 6 things Your Construction Service Can Do Now
- Privilege Access Management: continuously monitor and review access rights to information.
- Data Governance and Security: categorize data based on sensitivity, prioritize protecting the most valuable data.
- Frequent Secure Backups: can help mitigate information and systems lost during attacks.
- Educate Team Members: ensure your team understands the cyber risks affecting your industry and how to identify and report social engineering attempts.
- Establish Cybersecurity Regulations in Contracts: mitigate third-party risks by ensuring external partners adhere to an appropriate cybersecurity posture.
- Implement an Incident Response Plan: determine the immediate action that will be taken after a potential cyber-attack, how will your efforts mitigate your loss?
Conclusion
Enhance your cyber security posture today! We are always here to help answer your questions. Be prepared for the cyber attacks threatening your construction company now!
Sources
Cybersecurity in the Construction Industry. Know Your Risks and Take Steps to Protect your Company (maynardnexsen.com)
Why The Construction Industry Is Being Impacted By Cyberattacks, And What To Do About It (agc.org)
Building a Stronger Cyber Security System in the Construction Industry | The Hartford
Navigating Cybersecurity Challenges in the U.S. Construction Industry (zscaler.com)
Cybersecurity Challenges and Strategies in U.S. Construction (zscaler.com)
Cybersecurity Challenges In Construction Industry (zscaler.com)
Case Study: Ransomware Attack on Construction Company (netcov.com)
Construction is the No. 1 Target for Ransomware Attacks | For Construction Pros
Ransomware Attacks in Construction (thehortongroup.com)
Ransomware in the Construction Industry (egnyte.com)
Lindsay Timcke is Signing Director, Cybersecurity with CliftonLarsonAllen. He can be reached at lindsay.timcke@claconnect.com or 617.686.0107.
The information contained herein is general in nature and is not intended, and should not be construed, as legal, accounting, investment, or tax advice or opinion provided by CliftonLarsonAllen LLP (CliftonLarsonAllen) to the reader. For more information, visit CLAconnect.com.
CLA exists to create opportunities for our clients, our people, and our communities through our industry-focused wealth advisory, digital, audit, tax, consulting, and outsourcing services. Investment advisory services are offered through CliftonLarsonAllen Wealth Advisors, LLC, an SEC-registered investment advisor.