Illustration by Wenting Li
The construction industry is unique. Every project—whether it’s building a skyscraper, erecting a bridge, or expanding a complex highway system—requires a vast network of loosely connected stakeholders to complete.
While this reality comes with many positives, there are some aspects to this structure that make the industry especially vulnerable to cyberattacks.
Here are the primary reasons construction is a top target for hackers:
Slow to transition to digital
Today’s construction industry is awash in digital technology, but compared to other industries its adoption has come much later. However, some of the reasons the industry has been slow to adopt technology are the same reasons that hackers are now most interested in targeting construction firms.
Even though the industry has come a long way in embracing technology, construction still spends about 80% less of its revenue on information technology when compared to other industries, according to “Construction Executive.” The industry’s reluctance to adopt digital technology means it has also been slow when it comes to data and cybersecurity, making it a prime target for hackers.
Operates with a distributed work environment
Every construction project involves many separate entities—developers and financiers, general contractors, engineering and architecture firms, specialty subcontractors, government agencies—all working together sharing critical project information and executing financial transactions across disparate networks with few, if any, shared security protections.
There’s no singular corporate firewall, for instance, guarding against breaches. Each contractor has its own technology, processes, etc., for its individual business; every time it engages with another project entity’s technology or process, each contractor is potentially creating an opening for hackers to jump in and steal critical data.
Processes many transactions
Because of the incredibly messy nature of separate stakeholders involved in each construction project, there’s lots of money changing hands all the time. In addition, there is a significant variety in payment amounts. There can also be many payees involved on a project, as larger projects may require hundreds of small individual specialty contractors.
Taken together, these construction industry characteristics make it especially at risk to cyberattacks. Hackers have been known to use this disconnected security network to spoof, phish and often directly steal money from industry stakeholders by effectively rerouting money to their own criminal accounts.
Experts say hackers are most likely to target their efforts at times when workers and systems have their guard down—for example, a Friday afternoon, when workers are tired from the busy week and looking forward to their weekend activities. This is when a delicately planned phishing email or payment rerouting is likely to arrive, hopeful that the person in charge of administering such a routine transaction isn’t being particularly vigilant.
And because the industry still operates using simple invoicing systems, it’s easy for hackers to pose as vendors or subcontractors simply requesting their scheduled payments.
Fewer regulations, compliance concerns compared to other industries
Finally, construction is among the top targets for hackers because it’s one of the least regulated when it comes to data protection and security. Government efforts to regulate cybersecurity and data privacy have been focused elsewhere, particularly in more consumer-oriented sectors like social media and other fast-evolving consumer technology subsectors.
Because construction is such an attractive target for malicious hackers, industry leaders must be intentional and strategic about implementing cybersecurity defenses to thwart potential attacks.