Tesserent mentioned ...

https://www.copyright link/property/commercial/cyber-criminals-increasingly-target-builders-20210713-p589ez
w w w . a f r . c o m /

Cyber criminals increasingly target builders

Jul 14, 2021 – 4.21pm

Cyber criminals are increasingly targeting the construction industry and, as large builders improve their guard and systems, hackers are training their sights on smaller companies such as consultants, contractors and suppliers.

The growing threat prompted the federal government’s Australian Cyber Security Centre to last week warn the industry against business email compromise scams, in which criminals send seemingly legitimate emails to a company’s customers informing them of changed payment details.

“At a quick glance, an email address may look legitimate,” the agency said. “Victims assume this request is legitimate and will then send invoice payments to a bank account operated by the scammer.”

A laggard to embrace technology, construction – declared by

to be the second-least digitised industry after agriculture and hunting – is making its way into the cyber economy, but as it does so, is exposed to risks long suffered by other industries.

The industry that revolves so much around project-based payments, with parties not having worked with each other before, is also extra vulnerable. Large builders say cyber attacks are on the rise.

“We have noted a considerable increase in social engineering scams, phishing or whaling attacks and impersonation attempts in recent years,” said a person at one large construction company who declined to be identified.

“We have engagement with other construction company chief information officers and IT managers and are aware of compromises in other organisations and have discussed prevention strategies and technologies together.”

But as large companies strengthen their defences, attacks are focusing on smaller players with less sophisticated systems and fewer resources to throw at the problem.

This is clear from the size of scams reported. More than half of construction-based business email compromise scams reported to the Australian Cyber Security Centre last financial year resulted in losses less than $25,000. The largest was more than $1.1 million.

If large builders were in the centre of the industry, cyber criminals were increasingly targeting the second ring of consultants – such as architects, design firms, project management firms – and the third ring of suppliers supplying materials to projects, said Michael McKinnon, chief information officer at ASX-listed cyber-security company Tesserent.

“The criminals have had a couple of years now of honing their craft and really starting to realise where those relationships are and starting to infiltrate further into the supply chain,” Mr McKinnon said.

The true extent of the problem is unknown. There is no obligation on businesses to report fraud incidents.

Rebecca Bishop, whose outer-Melbourne family home-building business suffered two ransomware attacks in 2018, hasn’t reported the cases to either the police or the agency.

“I haven’t got around to it yet,” Ms Bishop told The Australian Financial Review on Wednesday.

Elite Building, which custom-builds homes for second- and third-home buyers in the south-eastern suburbs of Melbourne, discovered the first attack when Ms Bishop started up her computer one day and couldn’t access any files. A message demanded payment to access them.

”They were all locked,” Ms Bishop said. “It asked you to pay them in bitcoin, in order to get the documents back. They said if you try and contact authorities or try and fix it they had inappropriate video footage of me they were going to share. They said it was on my computer. There was no such footage”.

Ms Bishop paid IT consultants about $6000 to recover her backed-up data and to crack the encryption on a separate system and recover that data. The second attack occurred five months later, didn’t affect her systems as badly and was quicker to resolve.

Her own and clients’ data remained uncompromised.

“We didn’t have to pay any ransom,” she said. “We got all our data back.”

All DYOR