Digital sign-ins blamed for doubling in construction cyber attacks


Digital sign-ins for workers have been blamed for a doubling in cyber attacks on construction companies over the past year, according to a report.

Financial advisory specialist Kroll said the sector accounted for 6 per cent of its incident responses in the first quarter of this year.

That was double the proportion seen just a year earlier, as criminals turned their attention to the industry.

On-the-go working patterns could be making the sector more vulnerable to cyber criminals, the report warned.

“The reason for these rising attacks may be because the industry involves many digital sign-ins via mobile devices on sites.

“An employee may be more likely to fall for a phishing lure if they are receiving the email on the road, making them potentially less vigilant about the signs of fraud.

“Attacks against the construction sector are also likely to come from business email compromise,” warned Kroll.

“A review of cases indicates that carefully crafted phishing lures designed to mirror document-signing programmes are a common way to socially engineer victims into giving up their credentials and, in some cases, their multi-factor authentication prompts.”

Such attacks might seek to redirect payments to a fraudulent bank account or simply to scrape contacts for further phishing, perhaps by impersonating the contractor and asking for credentials or signatures, said Kroll.

The National Cyber Security Centre said it was “essential” for construction businesses to put protective measures in place as they pushed more working processes online.

“We strongly recommend the sector engages with the Cyber Security for Construction Businesses guide to advise businesses on how to keep their projects secure,” added a spokesperson.

“By following the recommended steps, businesses can significantly reduce their chances of falling victim to a cyber attack and protect their data and devices from online threats.”

Across all industries, Kroll noted an evolution in the techniques used by cyber attackers.

“In particular, with regards to phishing, we saw SMS and voice-based tactics being used, which raises concern around the potential for deep fakes and AI-type technologies to further enhance the effectiveness of phishing attacks,” said the report.

“In the same vein, one insider threat case investigated by Kroll this quarter saw employee impersonation take place, another area where AI-type technology could be especially effective.”

Earlier this month, engineering contractor Arup was widely reported to have fallen victim to a deepfake scam that led to one of its Hong Kong employees paying out $25m to fraudsters.

A spokesperson from Arup said: “Back in January we notified the police about an incident of fraud in Hong Kong. Unfortunately, we can’t go into details at this stage as the incident is still the subject of an ongoing investigation.

“Our financial stability and business operations were not affected and none of our internal systems were compromised.”

Arup’s global chief information officer Rob Greig said: “Like many other businesses around the globe, our operations are subject to regular attacks, including invoice fraud, phishing scams, WhatsApp voice spoofing, and deepfakes. What we have seen is that the number and sophistication of these attacks has been rising sharply in recent months.

“This is an industry, business and social issue, and I hope our experience can help raise awareness of the increasing sophistication and evolving techniques of bad actors.”


