
Construction Cybersecurity: Protecting your Business from Ransomware

In just the first three months of 2020, several high-profile construction firms publicly reported ransomware attacks, and many more quietly paid to avoid public disclosure. As I briefly touched upon in the last blog, the construction industry is not exempt from ransomware attacks. This comes while many in the industry are championing initiatives to adopt more value-driving digital technologies.

When it comes to making proactive technology decisions, the question isn’t “Should I adopt technology to improve my business?” but rather, “When I go digital, what can I also do to protect my company from attacks like ransomware?”

A ransomware attack consists of cybercriminals penetrating a company’s network and then encrypting its data to deny the company access. The criminals usually demand a “ransom” before they will “release” the company’s data. Another form of the attack involves threatening to publish the company’s data (including information on customers and vendors) unless the ransom is paid. These attacks often have a double whammy effect, costing companies not only the ransom itself but often many times more in lost productivity (the average attack takes ~14 days to remediate) and in lost business through reputational damage.

I’ve even seen government contractors negatively impacted. I saw a research lab working on federal projects taken down by ransomware. Cybersecurity was taken seriously, and they had preventive steps in place. Even the FBI was unable to resolve the situation. With great trepidation, an agreement was made using Bitcoin. Fortunately, the lab regained control of its network and information when the ransom was transferred. Based on those publicly providing information, about 1 in 5 victims who pay their ransoms don’t get their data back. This lab required a complete infrastructure scrub, implemented new cybersecurity products and processes, and updated training to protect themselves after the incident.

Your next question is probably, “What can I do to protect my company from ransomware attacks?” There is no silver bullet that can completely stop cybercriminals and prevent ransomware. There are, however, several best practices you can implement to reduce your risk. Specifically, my recommendations here are to reduce the possibility of a successful ransomware attack, and I look at it as two large buckets of actions.

First, ensure you can retain access to your company’s vital information in case of a successful attack. This requires constant vigilance and regular maintenance. Train your employees properly, and do so regularly. Continually back up your computer and network information, but keep these backups in a separate location.

Second, I recommend some actions to prevent or reduce the probability of a successful attack:

  1. Learn as much as possible about the possible threats to your business. For instance, email phishing is a widespread form of attack for the industry, so be proactive in identifying best practices to defend against it.
  2. Practice good technology hygiene.
     - Do: Keep your network and devices up to date.
     - Do: Use encryption and secure websites for business activities.
     - Do: Evaluate cybersecurity products that can assist in automating and ensuring productive business activities.
     - Don’t: Rely on off-the-shelf antivirus software.

For many companies, it may not be possible to do all these things organically. In that case, I recommend working with third-party providers that have these capabilities.

In the end, the key takeaways are as follows:

  1. You can’t ignore this threat – cybercriminals have found the construction industry, and at this point, it’s a question of when, not if, they will get around to targeting your organization.
  2. Get prepared – the old Boy Scout’s motto still holds true, and the best way to protect yourself is to start planning and implementing best practices now.
  3. Finally, and perhaps most importantly, remember that you can’t outsource risk, but it certainly makes sense to work with partners and vendors who think through these issues and take them seriously.

If you want to learn more about how construction companies can be prepared for cybercrime, join me for a free webinar hosted by HaulHub. I will be joined by Pritesh Gandhi, Lead of Digital Transformation for LafargeHolcim, Bruce Jacobson, Enterprise Architect for Granite Construction, and Terry O’Connor, Cybersecurity Specialist. We will discuss digital transformation in construction, working with multiple vendors, qualifying for cybersecurity insurance, and more.

When: Feb 11th, 1pm ET/10am PT

Where: Registration is free. Sign up using this link
