Construction industry provides big target for ransomware attacks, NordLocker analysis shows

Construction is the number one industry hit by ransomware, according to new desk research by NordLocker. An analysis of 1,200 companies hit by cyber extortion between 2020 and 2021 revealed those parts of the market where ransomware is the most widespread.

NordLocker's research has discovered that, out of 35 identified industries, the greatest number of ransomware attacks was detected in the construction sector. The 93 companies affected range from established businesses, such as an Asia-based group of construction engineering companies that annually consult on projects worth an estimated US$20 billion, to small, family-owned enterprises, such as a roofing company in Texas. The findings raise the question: Why do cyber criminals prioritize this particular economic activity?

What makes the construction industry a lucrative target for ransomware attacks?

The construction business could be enticing to cyber racketeers because of the core processes that steer the industry. "The reputation of firms in this industry is largely built upon on-time service delivery, which is at risk during any delays caused by ransomware attacks," says Oliver Noble, a cybersecurity expert at NordLocker, an encrypted cloud service provider. "This factor, together with the industry's razor-thin profit margins, provides the ransomware groups with conditions that make a payout more likely. Additionally, the industry could be a tempting target to ransomware gangs because of its relatively traditional business model, which is to a large degree yet to implement advanced cybersecurity solutions."

Even though big companies have a higher probability to offer hackers larger ransoms, small companies are not safe either. "Small enterprises usually do not have the same cybersecurity checks in place as larger businesses, making them an easier target for ransomware attacks. That being said, major companies are still the preferred targets, as their deeper pockets and higher stakes make them more likely to pay up," the expert notes.

How businesses can protect themselves from ransomware attacks

Although ransomware attacks are evolving, Oliver Noble provides some easy-to-implement cybersecurity tactics to serve your business as defense:

• Make sure employees use strong and unique passwords to connect to company systems. For increased security, implement multi-factor authentication.
• Secure email by training staff to identify signs of phishing, especially when an email contains attachments and links.
• Implement and enforce periodic data backup and restoration processes. An encrypted cloud might be the most secure solution for this.
• Adopt zero-trust network access, meaning that every access request to digital resources by a member of staff should be granted only after their identity has been appropriately verified.