Publish Date: July 21, 2023
Author: Seubert
Tags: Blog - SeubertU

Ransomware Attacks in the Construction Industry

As the construction industry continues to increase its use of technology, the risks of cyberattacks also rise. According to an analysis by encryption software company Nordlocker, the construction industry had the most cases of ransomware attacks between January 2022 and January 2023. Certain aspects of the construction industry make it vulnerable to attacks, such as the older systems still in use and the prevalence of inadequate cybersecurity systems.

Even with robust prevention systems in place, businesses are susceptible to these malicious cyber events. One particular area of concern is ransomware. This newsletter provides additional information regarding ransomware attacks and how they impact the construction industry.

What Is Ransomware?

Ransomware is a type of malware that infiltrates a computer system through phishing emails, compromised credentials, malicious URLs, removable devices or other vulnerabilities. Once on a victim’s device or network, this malicious software encrypts data and threatens to block access to it or publicly release it unless a ransom is paid to the cybercriminal. Often, this demand has a deadline; if the deadline is not met, the data is destroyed or published, or the ransom demand increases.

Ransomware Targets

Numerous types of ransomware threats could impact the construction industry, including:

  • Cloud vulnerabilities—Cloud software and application can be susceptible to targeted cyberattacks. Individual devices or cloud accounts could be infiltrated through known weaknesses.
  • Targeted software supply chains and managed service providers—Cybercriminals may target software supply chains and managed service providers to gain access to several organizations in one attack.
  • Interrupted industrial processes—The FBI has reported ransomware groups have written malicious code to stop critical industrial and infrastructure processes.
  • Specifically timed attacks—Cybercriminals may look to carry out ransomware attacks on weekends, holidays or other times when fewer IT personnel are available or working to stop it.

Ransomware Prevention

Being proactive and implementing extensive cybersecurity and risk management practices can help mitigate the risk of becoming a victim of a ransomware attack. Strategies to consider include installing updates and patches, providing comprehensive employee training, cautiously opening email attachments and using preventive software. Making sure to back up important data on separate devices can also help lessen a ransomware attack’s impact.


Cybercriminals present a well-funded and organized threat. Their tactics are continually evolving, and construction organizations must stay current on the latest ransomware techniques that are being utilized. For additional industry-specific guidance, contact us today.

Contact us to see how you could minimize risk: