Cyber ​​attacks on construction industry double, digital sign-in blamed

The report says digital worker sign-ins are to blame for a doubling of cyber attacks on construction companies in the past year.

Financial advisory firm Kroll said the area accounted for 6% of its incident responses in the first quarter of this year.

This is double the rate at which criminals turned their attention to the industry just a year ago.

The report warned that on-the-go working patterns could be making the industry more vulnerable to cybercriminals.

“The increase in these attacks is likely due to the prevalence of digital sign-in via mobile devices on sites in this industry.

“If employees receive emails while on the go, they may be more likely to fall for phishing scams and less vigilant for warning signs of fraud.

“Attacks against the construction industry are also likely to come from business email compromise attacks,” Kroll warned.

“In investigating these cases, we found that phishing scams, carefully crafted to mimic document signing programs, are a common method of socially engineering victims to hand over their credentials and, in some cases, multi-factor authentication prompts.”

These attacks could involve redirecting payments to fraudulent bank accounts or posing as contractors to ask for credentials or signatures, in an attempt to harvest contact details for further phishing, Kroll said.

The National Cyber ​​Security Centre said it was “essential” for the construction industry to take protective measures as it moves more work processes online.

“We believe that the industry Cybersecurity for the Construction Industry “It’s a guide to advise companies on how to keep their projects safe,” the spokesman added.

“By following the recommended steps, businesses can significantly reduce their chances of falling victim to a cyber attack and keep their data and devices safe from online threats.”

Kroll noted that the techniques used by cyber attackers across all industries are evolving.

“With regard to phishing specifically, we have seen the use of SMS and voice-based tactics, raising concerns that deepfakes and AI-based techniques may make phishing attacks even more effective,” the report said.

“Similarly, insider threat cases examined by Kroll this quarter featured employee impersonation, another area where AI-based technologies could be particularly effective.”

Earlier this month, engineering contractor Arup was widely reported to have fallen victim to a deepfake scam, with one of its Hong Kong employees paying $25 million to the fraudsters.

An Arup spokesman said: “We reported the fraud incident in Hong Kong to the police in January. Unfortunately, as the matter is still under investigation we are unable to provide further details at this stage.”

“Our financial stability and business operations have not been affected and our internal systems have not been compromised.”

Arup’s global chief information officer, Rob Greig, said: “Like many other businesses around the world, our business is subject to regular attacks including invoice fraud, phishing scams, WhatsApp voice spoofing and deepfakes. What we’ve seen is a sharp increase in the number and sophistication of these attacks in recent months.”

“This is an industry, business and societal issue, and we hope that our experience helps raise awareness of the increasingly sophisticated and evolving methods used by bad actors.”