Construction is the No. 1 Target for Ransomware Attacks

Report exposing the industries most likely to be targeted by ransomware gangs shows construction at highest risk.

NordLocker
Ransomware
NordLocker

Construction is the No. 1 industry hit by ransomware, according to new desk research by NordLocker. An analysis of 1,200 companies globally that were hit by cyber extortion between 2020 and 2021 revealed those parts of the market where ransomware is the most widespread. Out of 35 identified industries, the greatest number of ransomware attacks was detected in the construction sector.

The 93 companies affected in the construction industry range from established businesses, such as a respected Asia-based group of construction engineering companies that annually consult on projects worth an estimated US$20 billion, to small family-owned enterprises, such as a roofing company in Texas. The findings raise the question: Why do cyber criminals prioritize this particular economic activity?

Both Large and Small Businesses At Risk

The construction business could be enticing to cyber racketeers because of the core processes that steer the industry. “The reputation of firms in this industry is largely built upon on-time service delivery, which is at risk during any delays caused by ransomware attacks,” says Oliver Noble, a cybersecurity expert at NordLocker, an encrypted cloud service provider. “This factor, together with the industry’s razor-thin profit margins, provides the ransomware groups with conditions that make a payout more likely.

"Additionally, the industry could be a tempting target to ransomware gangs because of its relatively traditional business model, which is to a large degree yet to implement advanced cybersecurity solutions," he adds.

Even though big companies have a higher probability to offer hackers larger ransoms, small companies are not safe either. “Small enterprises usually do not have the same cybersecurity checks in place as larger businesses, making them an easier target for ransomware attacks. That being said, major companies are still the preferred targets, as their deeper pockets and higher stakes make them more likely to pay up,” Noble notes.

How to Protect Against Ransomware

Although ransomware attacks are evolving, Noble provides some easy-to-implement cybersecurity tactics to serve your business as defense:

  • Make sure your employees use strong and unique passwords to connect to your systems. Better yet, implement multi-factor authentication.
  • Secure your email by training your staff to identify signs of phishing, especially when an email contains attachments and links.
  • Implement and enforce periodic data backup and restoration processes. An encrypted cloud might be the most secure solution for this.
  • Adopt zero-trust network access, meaning that every access request to digital resources by a member of staff should be granted only after their identity has been appropriately verified.

Click here for more insights from the research study and recommended cybersecurity tactics.

Latest