The construction sector is a particularly appealing target to malicious actors. This is due to the myriad of third-party suppliers used, horde of personal data being collected, and the large sums of money involved in construction projects.
Cyber-attacks on suppliers can be just as damaging as attacks on your own business. Along with physical delivery of materials, machinery, and labour, there is also the exchange of digital information, like email providers and accounting software companies. Know who your suppliers are, and how they operate.
Employees reuse credential details, such as passwords, for multiple accounts. When a breach is made, this makes it relatively easy for an attack to access multiple accounts/networks at a time. Multifactor authentication methods are vital, to reduce the chance of data breaches.
Social engineering methods are used to con people into providing information. This is done by taking advantage of a person’s emotional responses. Many employees are not trained to look for such attacks, and are often unaware of their part in an attack.