Construction was identified as the most targeted industry for ransomware cases between January 2022-January 2023. Cyber liability insurance can help mitigate some risk.
As the construction industry continues to increase its use of technology, the risks of cyber attacks also rise.
Furthermore, certain aspects of the construction industry make it vulnerable to attacks, such as the older systems still in use and the prevalence of inadequate cybersecurity systems. Even with robust prevention systems in place, businesses are susceptible to malicious cyber events.
One particular area of concern is ransomware, which is malware that infiltrates a computer system through phishing emails, compromised credentials, malicious URLs, removable devices or other vulnerabilities. Once on a victim’s device or network, this malicious software encrypts data and threatens to block access to it or publicly release it unless a ransom is paid to the cybercriminal. According to an analysis of ransomware cases between January 2022 and January 2023 by encryption software company Nordlocker, construction was the most targeted industry.
Numerous types of ransomware threats could impact the construction industry, including:
- Cloud vulnerabilities — Cloud software and application can be susceptible to targeted cyberattacks. Individual devices or cloud accounts could be infiltrated through known weaknesses.
- Targeted software supply chains and managed service providers — Cyber criminals may target software supply chains and managed service providers to gain access to several organizations in one attack.
- Interrupted industrial processes — It’s been reported that ransomware groups may have written malicious code to stop critical industrial and infrastructure processes.
- Specifically timed attacks — Cybercriminals may look to carry out ransomware attacks on weekends, holidays or other times when fewer IT personnel are available or working to stop it.
Being proactive and implementing extensive cybersecurity and risk management practices can help mitigate the risk of becoming a victim of a ransomware attack. Strategies to consider include installing updates and patches, providing comprehensive employee training, cautiously opening email attachments and using preventive software. Making sure to back up important data on separate devices can also help lessen a ransomware attack’s impact.
If you have questions specific to your business, or would like additional information, please reach out to your Insurance Store Advisor.