Two UK-based construction companies were recently targeted by cybercriminals. Both these construction companies, Bam Construct and Interserve, were involved in building emergency coronavirus hospitals in the UK.
What happened
In two separate incidents, both UK-based hospital construction companies were targeted by cyberattacks.
In the first week of May 2020, Bam Construct was targeted by a cyberattack, due to which it had to shut down some of its computer systems.
Interserve also revealed it was hit by a cyberattack during the first week of May. Some of the operational services were found impacted even after several days.
Surprisingly, both these companies are involved in the construction of emergency coronavirus hospitals. Interserve helped build Birmingham's NHS Nightingale hospital, while the Bam Construct helped with the construction of the Yorkshire and the Humber's hospitals.
Cyberattacks on the construction sector
In the past also, several construction companies have been targeted by various cyberattacks.
In March 2020, EMCOR Group, the US-based engineering, and industrial construction services provider, disclosed that the Ryuk ransomware attack took down some of its IT systems.
In February 2020, the French industrial giant Bouygues Construction disclosed that in Jan, it was targeted by the Maze ransomware attackers, which had impacted 237 computers and over 1,000 TB of data.
In the same month, the Canadian construction company Bird Construction also disclosed that it had suffered a ransomware attack in Dec. 2019, impacting 60 GB of data from the company.
There have been several incidents when hackers were seen posing as representatives of construction companies to lure their victims, like the fraud with Washington County Government by faking Banlin Construction, fraud with Government of City of Naples by posing as Wright Construction Group, and the fraud with Ocala City.
Staying protected
To prevent cyberattacks, organizations in the construction sector should have a modern and up-to-date security infrastructure, including anti-malware software and firewall. Always use complex passwords and also enable 2-factor authentication wherever possible. Also, having a frequent backup of sensitive data can help prevent any major damage due to ransomware attacks.