Skip to content

While there is no industry that is immune to cyber-attacks, a study by Cybersecurity Ventures, published in 2021, and a follow-up study by Safety Detectives, found that construction was the third most common industry hit by ransomware attacks. In all, it made up 13.2% of all ransomware attacks in North America.

Ransom payout is the end game

Ransomware attacks are when hackers gain access to sensitive documentation, and lock it with password encryption. This could consist of HR files, accounting information and payroll, client information, and other sensitive documents.

But the goal of the hackers is not to take the information and exploit it—they’re not stealing credit card numbers. Instead, they send a ransom note to the owner of the information saying that if the ransom is not paid, the valuable information will never be released. It will effectively be deleted.

3 reasons why construction is a cyber target

1. SMBs without resources

Construction is a ripe target for cyber attackers, primarily because most construction companies are small-to-medium-sized businesses and don’t have an in-house cybersecurity team. A study published by IBM Ponemon found that 74% of construction-related organizations have no security in place to deal with a ransomware attack, and they do not have an incident response plan.

2. Critical amount of data

The second reason that construction is such a ripe target is attributed to the amount of data flowing through a construction company. Whether they’re locking financial data, worksite data, or even blueprints and schematics, ransomware can cripple a contractor.

3. Vulnerability

Lastly, the third reason for the cyber weakness is the fact that construction is beginning to adopt a lot of new technology, but it’s still very new and most construction companies don’t have the technology infrastructure, such as a Chief Technology Officer and cybersecurity team. While it might seem great to introduce the new tech, like BIM or VR, adopting first-generation technologies is especially susceptible to attack.

How to combat cyber attacks

Security and training

Implementing cyber security measures is the first line of defense, but generally, a virus protection software simply won’t do. Researchers have found that training is especially needed to help employees identify suspicious communications and requests that may be phishing attacks.

Implement standard procedures

Further, an internal incident response plan needs to be organized before the damage is done, and it should include leadership, IT, legal, and HR. Additionally, an external incident response team should be ready: there are companies that specialize in handling ransomware and employ legal counsel, forensic investigators, and public relations.

Make it SOP

Most of all, the recommendation is to practice, practice, practice. Drill training into your people so that they won’t fall prey to scams.

Construction is vulnerable. Contractors need to be proactive.

Related content:

Cyber Criminals Targeting Construction Energy and Engineering

Construction Insights Delivered Straight to Your Inbox

Group 52

Subscribe to our email newsletter for the latest construction insights.