- Cyber attacks are a serious threat to the construction industry. In the past three years, cloud-based email security breaches have cost US organizations more than $2 billion.
- Despite news reports of foreign hackers, 85% of hacking activity comes from the US, with 56% from the same state and 35% from the same city as the company concerned.
- Business executives in all industries are increasingly concerned about system breaches, compromised email and ransomware attacks, cybersecurity expert David Anderson said during a training session at the Construction Financial Management Association conference last month. But companies can take steps to protect themselves.
Anderson, senior cybersecurity advisor at CliftonLarsonAllen in Minneapolis, told the CFMA audience how vulnerable construction companies can be to this type of crime.
He said that around 80% of data breaches are password-related. The increase in remote working during COVID-19 expanded the opportunities for breaches, and that remote access is generally not revoked afterwards; it has become the post-pandemic norm, he said.
“The number of remote users has increased dramatically,” said Anderson. “Many hackers have moved from malware to stealing credentials to gain a foothold. You can search for VPN technologies and try to connect to your work systems using these technologies.”
In addition to password compromise, there are several other tactics hackers use to infiltrate companies, Anderson said. They include:
Business email compromise. Techniques include email spoofing, in which scammers impersonate trusted senders and ask recipients to click links that give the attackers access to data.
Domain impersonation. Attackers buy a domain name similar to that of the company or one of its suppliers. Changing a lowercase letter “l” to the digit “1” can be enough to trick recipients into trusting the sender.
Name-dropping. Scammers create an email address that looks like the CEO’s personal address and then ask an employee to, for example, buy gift cards and mail them to a specific address.
Unauthorized access. Another technique is for hackers to gain unauthorized access to company or supplier email and use the compromised legitimate mailbox to send email. “The hacker is in control of the outgoing messages,” said Anderson.
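The look-alike domains and executive-name spoofing described above can be caught at the mail gateway with a simple check. The following is an added example (it is not code from the article or from CliftonLarsonAllen) that folds confusable characters such as the digit “1” for the letter “l”, and the pair “rn” for “m”, into a canonical form and compares sender domains against a trusted list; it also flags a known executive’s name on an address outside the company, going slightly beyond the single substitution the article mentions. The trusted domains, the executive name and the sample From: headers are all constructed for this illustration.

```python
"""Added example, not from the article: classify an email From: header as
trusted, look-alike domain, executive impersonation or plain external."""
import re
from email.utils import parseaddr

# Constructed for this example: domains the company and its suppliers really use,
# and the names of executives whose identities are worth impersonating.
TRUSTED_DOMAINS = {"acmebuilders.com", "steelsupplyco.com"}
EXECUTIVE_NAMES = {"jane doe"}

# Single characters commonly swapped for a letter they resemble.
CONFUSABLE_CHARS = str.maketrans({
    "1": "l", "|": "l", "!": "l",
    "0": "o", "5": "s", "3": "e", "4": "a", "8": "b",
})


def skeleton(domain: str) -> str:
    """Fold a domain to a canonical form so visually similar spellings compare equal."""
    folded = domain.lower().translate(CONFUSABLE_CHARS)
    # Two-character sequences that mimic one letter in proportional fonts.
    return folded.replace("rn", "m").replace("vv", "w")


def normalize_display_name(name: str) -> str:
    """Lower-case a display name and keep only letters separated by single spaces."""
    return re.sub(r"\s+", " ", re.sub(r"[^a-z ]", " ", name.lower())).strip()


def classify_sender(header_from: str) -> str:
    """Return one of 'trusted', 'lookalike', 'exec-impersonation' or 'external'."""
    display_name, addr = parseaddr(header_from)
    domain = addr.rpartition("@")[2].lower()

    if domain in TRUSTED_DOMAINS:
        return "trusted"

    # Domain impersonation: same skeleton as a trusted domain, but not that domain.
    if skeleton(domain) in {skeleton(t) for t in TRUSTED_DOMAINS}:
        return "lookalike"

    # Name-dropping: a known executive's name on an address outside the company.
    name = normalize_display_name(display_name)
    if any(exec_name in name for exec_name in EXECUTIVE_NAMES):
        return "exec-impersonation"

    return "external"


def triage(headers: list[str]) -> dict[str, str]:
    """Classify every From: header in a batch; keys are the raw header strings."""
    return {h: classify_sender(h) for h in headers}


# Constructed sample headers illustrating each case.
SAMPLE_HEADERS = [
    '"Accounts Payable" <ap@steelsupplyco.com>',       # genuine supplier
    '"Accounts Payable" <ap@stee1supplyco.com>',       # digit 1 for letter l
    '"Jane Doe" <jane.doe@acrnebuilders.com>',         # "rn" for "m"
    '"Jane Doe (CEO)" <jane.doe.personal@gmail.com>',  # CEO name, free-mail address
    '"Bob Builder" <bob@example.org>',                 # ordinary external sender
]

if __name__ == "__main__":
    for header, verdict in triage(SAMPLE_HEADERS).items():
        print(f"{verdict:20} {header}")
```

A check like this belongs in the spam-filter or transport-rule layer, where a “lookalike” or “exec-impersonation” verdict can quarantine the message or prepend an external-sender warning; it complements, rather than replaces, SPF, DKIM and DMARC, which say nothing about a domain an attacker legitimately owns.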
Password guessing. Security experts and scammers alike have tools to guess passwords. Hackers know and try common passwords such as Summer2021.
“It’s very easy for hackers to guess passwords for your users,” said Anderson. “Weak passwords can be vulnerable to a rateing attack.”
Password guessing also follows breaches of other websites. For example, LinkedIn was hacked, and users’ passwords were stolen and sold online. In many cases, people reuse their LinkedIn password in their business email system. Anderson urges users to check the legitimate “Have I Been Pwned?” site to find out whether their accounts have appeared in any known data breach.
Ransomware. In this particularly insidious type of attack, criminals break into a company’s network, gain full administrative control, and then deploy ransomware to lock the company’s systems. They demand a ransom to unlock them. Many criminals delete the company’s backups the first time they penetrate the network.
“Another tactic is to download the backups and collect data before deleting the backups,” said Anderson.
“They reach out [to victim companies] and say, ‘Pay me X amount of bitcoin to restore your systems, and pay me an extra amount to keep this data out of the world.’” The data can include Social Security numbers, addresses and more.
To combat these types of cyber risks, Anderson recommended these protections:
- Enable multi-factor authentication for as many accounts as possible.
- Harden your email spam filter.
- Create a strong password policy with long passwords.
- Train your end users.
- Keep good backups isolated from your network.
- Consider cyber insurance.
- Assess third-party security controls.
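Two of the recommendations above, a long-password policy and checking whether a password has already appeared in a breach (the “Have I Been Pwned?” check mentioned earlier), can be wired into a password-change workflow. The example below is added here and is not code from the article or from CliftonLarsonAllen. It rejects short passwords and the season-plus-year pattern the speaker cited (Summer2021), and it shows how the Pwned Passwords k-anonymity lookup works: only the first five hex characters of the password’s SHA-1 go to the service, and the full hash suffix is compared locally, so the password itself is never sent. To keep it runnable offline, the API response is stand-in text constructed from a made-up breach list; the 14-character minimum and the small denylist are assumptions.

```python
"""Added example, not from the article: a password-change check combining a
length/pattern policy with a Have I Been Pwned style k-anonymity breach lookup."""
import hashlib
import re

MIN_LENGTH = 14  # assumed policy value; the article only says "long passwords"

# Season followed by a four-digit year, with optional punctuation: Summer2021, Fall_2022!
SEASON_YEAR = re.compile(
    r"^(spring|summer|fall|autumn|winter)[\W_]*(19|20)\d\d[\W_]*$", re.I)

# Constructed denylist; a real deployment loads a large list of leaked passwords.
COMMON_PASSWORDS = {"password", "welcome1", "letmein", "qwerty123", "construction1"}


def policy_violations(password: str) -> list[str]:
    """Return the policy rules a password breaks (an empty list means it passes)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if SEASON_YEAR.match(password):
        problems.append("season-plus-year pattern (e.g. Summer2021)")
    if password.lower() in COMMON_PASSWORDS:
        problems.append("on the common-password list")
    return problems


def hibp_range_query(password: str) -> tuple[str, str]:
    """Split the upper-case SHA-1 of the password into the 5-hex-char prefix the
    Pwned Passwords API expects at https://api.pwnedpasswords.com/range/<prefix>
    and the 35-char suffix that is only ever compared locally (k-anonymity)."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def breach_count(password: str, range_response: str) -> int:
    """Parse a range response ('SUFFIX:COUNT' per line) and return how many times
    the password was seen in breaches, or 0 if its suffix is absent."""
    _prefix, suffix = hibp_range_query(password)
    for line in range_response.splitlines():
        found_suffix, _, count = line.strip().partition(":")
        if found_suffix.upper() == suffix and count.strip().isdigit():
            return int(count)
    return 0


# Offline stand-in for the API: constructed passwords with made-up breach counts.
CONSTRUCTED_BREACHED = {"Summer2021": 12345, "password": 999999}


def fake_range_response(prefix: str, breached: dict = CONSTRUCTED_BREACHED) -> str:
    """Build the text the real API would return for one prefix, from the constructed list."""
    lines = []
    for pw, count in breached.items():
        p, s = hibp_range_query(pw)
        if p == prefix:
            lines.append(f"{s}:{count}")
    return "\r\n".join(lines)


def evaluate(password: str, range_response: str) -> dict:
    """Combine both checks; a password is acceptable only if both come back clean."""
    violations = policy_violations(password)
    seen = breach_count(password, range_response)
    return {"violations": violations, "breach_count": seen,
            "acceptable": not violations and seen == 0}


if __name__ == "__main__":
    for candidate in ["Summer2021", "correct horse battery staple 42"]:
        prefix, _ = hibp_range_query(candidate)
        # In production the response comes from an HTTPS GET of the prefix URL.
        print(candidate, evaluate(candidate, fake_range_response(prefix)))
```

In production, replace fake_range_response with an HTTPS GET of the prefix URL and treat a non-zero breach_count as a hard reject; a policy that only demands complexity rules would still accept Summer2021!, which is exactly the kind of password the speaker says attackers try first.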