How to Protect Your Construction Data in Uncertain Times: Part 1 of 2

With the world currently adjusting to the current global pandemic, companies need to be more agile while providing even more protections for their data. As more people begin to work from home, there has been a drastic increase in ransomware attacks by nearly 148 percent, according to VMware Carbon Black. These attacks are specific to COVID-19 and while more people are being targeted, the success rate is actually lower than normal. While this is a good sign, companies should not use this as an excuse to lower their data security. 

Viewpoint’s information security officer, Mike Dooley recently sat down with Craig Lundskog, finance director for Great Basin Industrial and Jeff Cann, CIO and chief strategy officer with Encore Electric to discuss the current cybersecurity threats in a special webinar: Cybersecurity — Protecting Your Data & Assets in Uncertain Times.

As Dooley notes in the webinar, there are a number of different ways for threat actors to try and compromise computer and technology systems. Currently, the number one source of security breach is phishing. Especially now with the pandemic, hackers are posing as essential and important people attempting to get personal information from individuals.

1. Triple Check Phishy Email Addresses

Since the beginning of the pandemic, more than 2,000 domains have been purchased and stood up on a daily basis. Typically, this type of attack is successful when someone is rapidly moving through their day without thinking critically about their actions. All it takes is the click of a link or email attachment for ransomware to be downloaded on a computer. When looking through emails, make sure to pay close attention to the sender and any URLs included in the email. If anything looks off or unusual, send the email to the IT department for confirmations.

2. Prevent Ransomware with Strong Passwords

Another common form of security breach is ransomware. In this form of attack, hackers crack the system and take hold of the company’s data. This data is then held for ransom until a fee is paid. If the company attempts to fight the ransomware or retrieve the data, the hackers will delete it permanently. This is a very difficult decision for most companies as they cannot risk losing all their data, but the ransom fee is commonly very expensive as well — often more than $100,000. Fortunately, with the right precautions, strong passwords, and proper software, these ransomware attacks can be prevented.

3. Hire a Specific Person in Charge of Wire Transfers 

Wire transfer is another form of security breach which is especially common in the construction industry. In these scams, criminals will send fake invoices or payment requests requesting the immediate transfer of money. In a panic, the recipients will often pay the amount and the money will be taken. To avoid this scam, many companies have a specific point person in charge of money transfers and require that this exchange occurs over the phone, making it clear that any random emails with money requests are scams.

In Part two of this blog series, we’ll look at some real-life examples from Great Basin’s Lundskog and Encore’s Cann of construction data breaches and how they handled them. In the meantime, watch the full Cybersecurity — Protecting Your Data & Assets in Uncertain Times webinar below to learn more about preventing cybersecurity attacks: