Home Business and Finance Cybercrime and the Construction Industry

Cybercrime and the Construction Industry

by editor

Have You Considered Cyber Insurance For Your Business?

As cyber-attacks on construction businesses become increasingly prevalent, Cyber Insurance can play a key role in protecting businesses from online crime.

Cybercrime is an increasing threat to construction businesses across Australia. Frequent use of insecure connections from mobile workplaces, in addition to sharing files and data with external contractors, makes the construction industry uniquely exposed to the risks of cybercrime. As a result of this risk, 41 per cent of construction companies have already purchased cyber insurance, while a further 28 per cent plan to do so in the next 12 months.1

WHAT IS CYBERCRIME?
Cybercrime is criminal activity in which a computer or network is integral to, or the target of, an offence. These offences are estimated to cost the Australian economy over $1bn annually, with 58 per cent of all data breaches categorized as small businesses. 2

Cybercrime committed against construction businesses can encompass conduct such as: Funds Transfer Fraud, including fake invoicing, is becoming more widespread throughout the construction industry.

Business interruption: a serious risk to any construction company is a delay to projects as a result of a cyber event, including loss of documents or systems interruptions. For this reason, it’s important to have a Business Continuity Plan in place.
Third Party Liability: Construction projects require collaboration between businesses and the use of third-party suppliers and subcontractors increases cyber risk. In order to share and maintain data critical to the project, access to systems must be provided. A recent report showed that 44 per cent of all data breaches are caused by a third party and only 15 per cent of these vendors informed impacted parties of the breach.3
Data Breach: Construction firms hold and use their client’s confidential information, including blueprints and architectural designs which are costly to recreate.
Underinvestment: Construction firms often underinvest in IT and IT security. This can lead to lack of even the most basic defences that can eradicate the majority of cyberattacks. Cyber criminals target these businesses.
Mobile Device Dependency: Advancements in technology have facilitated the ability to work remotely. The construction industry has taken full advantage of this, however, the increased use of portable devices to ensure constant connectivity exposes critical systems to cyber risk. Multiple access points to the company’s network increases the number of vulnerability points. Coupled with underinvestment in IT security as mentioned, this environment is ideal for cyber criminals to gain access.

CASE STUDY
A civil contractor received an invoice for payment of $125,000 worth of stock via email. The contractor paid the invoice by transferring funds online to the account details provided on the invoice.

It was not until the payment terms had passed, however, that the contractor realized payment had not been received by the vendor. It was discovered that the email sent to the contractor had been intercepted by cyber criminals, who changed the invoice details, redirecting the funds to a fraudulent account.

It is important for all businesses to be aware of cyber threats to their businesses, particularly fraudulent invoicing. Some steps to take to prevent this threat include:

  1. Confirming bank account details against existing records
  2. Have supplier onboarding procedures
  3. Call back your suppliers to confirm invoice details

It is essential for construction businesses to be vigilant when it comes to protecting their operations and staff from cyber threats, and Cyber Insurance can play a key role in safeguarding a business in the event it is subject to an online attack.

Cyber insurance policies vary in the benefits they provide. At Moody Kiddell & Partners we can help you find the most suitable product that meets the needs of your business and help protect it against the financial impact of cyber crime.

Contact Moody Kiddell on 1300 000 657 or visit www.mkpgroup.com.au today.

Related Articles