780.424.2727 email
get a Quote
Ransomware Attacks in the Construction Industry
September 5, 2023

Ransomware Attacks in the Construction Industry

As the construction industry continues to increase its use of technology, the risks of cyberattacks also rise. Furthermore, certain aspects of the construction industry make it vulnerable to attacks, such as the older systems still in use and the prevalence of inadequate cybersecurity systems.

Even with robust prevention systems, businesses are susceptible to malicious cyber events. One area of concern is ransomware, which is malware that infiltrates a computer system through phishing emails, compromised credentials, malicious URLs, removable devices or other vulnerabilities. Once on a victim’s device or network, this malicious software encrypts data and threatens to block access to it or publicly release it unless a ransom is paid to the cybercriminal. According to an analysis of ransomware cases between January 2022 and January 2023 by encryption software company Nordlocker, construction was the most targeted industry.

Ransomware Targets

Numerous types of ransomware threats impact the construction industry, including:

  • Cloud vulnerabilities—Cloud software and applications can be susceptible to targeted cyberattacks. Individual devices or cloud accounts can be infiltrated through known weaknesses.
  • Targeted software supply chains and managed service providers—Cybercriminals may target software supply chains and managed service providers to gain access to several organizations in one attack.
  • Interrupted industrial processes—It’s been reported that ransomware groups may have written malicious code to stop critical industrial and infrastructure processes.
  • Specifically timed attacks—Cybercriminals may look to carry out ransomware attacks on weekends, holidays or other times when fewer IT personnel are available or working to stop it.

Ransomware Prevention

Being proactive and implementing extensive cybersecurity and risk management practices can help mitigate the risk of becoming a victim of a ransomware attack. Strategies to consider include:

  • Installing updates and patches
  • Providing comprehensive employee training
  • Cautiously opening email attachments and using preventive software
  • Backing up important data on separate devices

Conclusion

Cybercriminals present a well-funded and organized threat. Their tactics continually evolve, so construction organizations must stay current on the latest ransomware techniques.

Did you know that 60% of small and medium businesses don’t survive after a cyber attack? Protect your business with Cyber Insurance, call us at 780.424.2727 or click here to get a quote.