Cybercriminals Taking Aim at Construction and Manufacturing Businesses


Organizations in nearly every industry are grappling with cybercrime. Last year, digital strikes resulted in almost 2,000 significant data breaches, affecting health care organizations, hotel chains, professional services firms, utility companies and many others. Unfortunately, the threat environment is expected to intensify over the coming months as more connected devices enter the workplace. Businesses in a few select industries are particularly vulnerable to cybercrime in 2018 — most notably those in the manufacturing and construction spaces.


Cybercrime in Manufacturing
Manufacturers sustained approximately 620 attacks in 2016 and addressed the fallout from 124 large-scale breaches, according to Verizon Wireless. This activity carried over into last year, with producers deploying information technology resources to deal with distributed denial of service attacks aimed at industrial internet of things technology and digital intellectual property theft schemes, Manufacturing Business Technology reported. An international data security skills shortage exacerbated these cyberattacks, leaving manufacturers unable to tap information security experts for assistance.

“We will see more and more traction next year in what I call traditional industries,” Robert Herjavec, founder and CEO of leading data security firm the Herjavec Group, explained in a report outlining these insights. “Particularly in the manufacturing space where compromises like CryptoLocker have done some real damage, we will see organizations maturing their security programs and investing in order to keep up with ever-changing exploits. Manufacturing will be the new health care in 2018.”

CryptoLocker, a form of ransomware discovered back in 2013, wreaked havoc on businesses across the globe throughout 2014 before the U.S. Department of Justice effectively neutralized the software by taking down the botnet that distributed it, according to Malwarebytes. Sadly, a significant number of manufacturing leaders have not prepared their respective firms for the forthcoming onslaught of cyberattacks. The Herjavec Group report referenced a recent Cisco survey published in July 2017 that revealed 40 percent of these stakeholders had not directed IT teams to develop formalized data security strategies.

Hackers Versus Builders
The analysts at the Herjavec Group also expressed concern for construction companies in its report. The firm’s worry stems from the accelerated pace of IoT adoption within the space. An estimated 93 percent of construction companies have adopted IoT technology, according to research from the Arc Advisory Group. Additionally, rising implementation of connected home technology, which includes connected thermostats, water heaters and power supplies, make finished spread the risk to homeowners.

What kinds of attacks are data security experts specifically concerned about within the construction space? Digital fraud schemes are at the top of their lists, Construction Executive reported. Consumers are well-acquainted with these strikes, some of which have received considerable attention in the media. The Target hack that unfolded in 2013 is perhaps one of the most memorable instances of digital fraud. Cybercriminals managed to gain access to the retailer’s servers via an independent heating, ventilation and air conditioning contractor that had done work for the company and been given access to its internal network. Hackers penetrated the small firm’s meager digital defenses and gained entrance to Target’s severs, from which they extracted credit and debit card information for millions of customers.

Taking Appropriate Action
The Herjavec Group predicts damages from cybercrime will have sapped more than $6 trillion from businesses by 2021. With this and the situations outlined above in mind, executives and IT leaders at manufacturing and construction firms must take action as soon as possible. How? Ensuring firewalls and other basic data security controls are up to date is a good place to start. But perhaps the most powerful weapon any business can deploy against hackers and other cybercriminals is employee training. Improper system usage is at the center of most data breaches. For example, more than 80 percent of hacking-related intrusions involve the use of stolen or weak login credentials, according to Verizon. In short, when employees understand how to protect themselves and their employers from outside entities hoping to gain access to company servers, enterprise data is more likely to remain safe. After all, malware cannot infect a system when the email in which it has been delivered goes unopened by a keen recipient who can spot a data security risk when they see one.

As manufacturing and construction firms navigate the opening stages of the first quarter, they must address the digital threats that lie ahead and look for ways to reduce the risks they pose to their bottom lines, partners and customers.


Want to Know More?

Reach out and a Vector Solutions representative will respond back to help answer any questions you might have.