Construction
The construction sector has become a serious target for cyber criminals over the last 5 years.
A list of the "known" victims of cybercrime reads like a Who’s Who of Irish and UK construction. Many of the larger organisations across the country have been victims of phishing attacks, data breaches, malware attacks, the most recent high profile and large incident being the ransomware attack at Lagan Contracts in February 2023.
These are all high-profile companies and the attacks only account for the ones we know of, but it is worth considering that if these companies with their size, scale and resources can be breached, then so can you.
LouughTec regulary partner with the CIOB as a primary educator and partner on cyber security within the construction sector and we have many construction companies as clients hence we are extensively experienced with cyber security within the construction industry.
Check out our specific construction industry case study here
Construction industry provides a perfect storm for cyber crime.
As a relatively late adapter to technology and digitisation, construction companies offer any number of breach points to cyber criminals throughout the 3 stages of design, construction and handover.
Much of design stage involves digital collaboration with different stakeholders using a number of software tools from CAD in design, project management solutions and BIM software. Add in building management systems (BMS), building automation and control systems (BACS) and many other connected systems, that’s a lot of information accessible to many 3rd parties.
The construction stage usually means a greater number of people on the project working remotely, with more interaction with 3rd parties. CCTV, survey equipment and drones all generate data that needs to be shared across networks. Project teams sharing information by smartphone and laptops across various locations also increases the attack surface.
At the handover stage building management systems will be handed over to client project teams, from light, heat, fire, energy management and others.
During the entire process, construction companies are engaging with a supply chain where each partner may well have a different approach to cyber security, creating additional vulnerabilities. Some companies have managed to maintain the quality and standard of their network infrastructure, others are working on dated technology without any security updates or patch management.
All combining to give a greater attack surface and opportunity to the cyber criminal.
LoughTec have extensive experience and a wide portfolio of clients within the construction industry. Construction companies are a high value targets for hackers and also recently few are seeing in order to be able to bid for tender’s, construction companies are frequently required to be Cyber Essentials certified as well as have a clean bill of health in regards to not having a cyber-attack within the last 3 years hence LoughTec specialise in many highly secure products to keep constructions companies safe.
Reach out to LoughTec below to learn how we can help deliver IT support and Cyber Security to protect your business, staff, customers, data, financials and your reputation.
