Industries We Serve
World Class IT Support & Service
Real People. Right Now.
About Locknet® IT Services
From the first hello, the Locknet® team is dedicated to serving you and your needs.
When you think about cyberattacks, major tech firms and financial institutions may come to mind. But in recent years, a quieter and more concerning trend has emerged with cybercriminals targeting industries like construction - especially small and mid-sized companies with limited IT resources. Construction firms manage sensitive blueprints, vendor payment data, employee records, and project timelines - making them valuable targets.
We’ll explore some real-world cyberattacks that have impacted the construction industry, and what construction companies can do to stay protected.
Construction companies often lack dedicated IT teams, use outdated software, and rely heavily on email and file sharing – all traits that make them vulnerable. Cybercriminals have recognized an opportunity to exploit weak security postures for quick financial gain.
Ransomware, business email compromise (BEC) schemes, and phishing attacks on construction firms are among the top threats in the industry. These attacks can cause serious delays, cost millions in lost contracts, and severely damage a company's reputation.
Let’s look at how cybersecurity threats in construction have played out in the real world.
In 2020, Turner Construction, one of the largest construction management firms in the U.S., became the victim of a highly targeted business email compromise (BEC) scam. Fraudsters posed as legitimate vendors and used phishing emails to trick Turner employees into wiring funds to fraudulent accounts.
While Turner’s size allowed them to weather the financial damage, this kind of attack can be even more devastating for small firms. In many cases, funds stolen through wire fraud are unrecoverable. The attack on Turner underscores how easily a trusted communication channel can be manipulated when proper cybersecurity training and email protections are not in place.
Skender, a prominent Chicago-based construction firm, was targeted by a ransomware attack that temporarily crippled its IT infrastructure. The attackers encrypted critical systems, locking employees out of files and disrupting ongoing projects. Like many ransomware victims, Skender had to scramble to restore systems and determine the scope of the breach.
While the company has not disclosed whether a ransom was paid, the incident highlights a reality for many Midwest firms - you don’t need to be a global corporation to be a target. Local and regional builders, especially those working on high-value commercial projects, are seen as lucrative opportunities by cybercriminals.
Saint-Gobain, a multinational construction materials company, was hit by the NotPetya ransomware attack in 2017. Though primarily affecting European systems, the cyberattack disrupted Saint-Gobain’s entire global operation, including its North American subsidiaries.
The attack forced the company to shut down many of its IT systems, delaying shipments and costing the company over $384 million in losses. Although Saint-Gobain eventually recovered, the incident showed just how much damage a ransomware attack can cause to supply chains and project timelines.
For smaller companies, a ransomware attack, even a modest one, could put them out of business.
Most recently, SPANN Roofing & Sheet Metal, a South Carolina contractor serving commercial, industrial, institutional, and residential roofing clients, experienced a breach by the Akira ransomware group. This included sensitive employee records containing personal information and company documents including contracts, financial records, and client information. The stolen data was later posted on the dark web, indicating a “double extortion” threat where attackers both encrypted files and threatened to leak them.
This incident is a reminder that cybercriminals can latch onto any firm handling valuable personal or project data.
You don’t need to be a multinational construction giant to be targeted. In fact, your smaller size may make you a more attractive target because hackers know you likely don’t have a cybersecurity team watching your systems around the clock.
Here are some essential steps to protect your business:
Cybersecurity awareness training is your first and most cost-effective line of defense. Teach your staff how to identify phishing emails, suspicious links, and wire fraud tactics. Make it a regular part of your safety and compliance meetings.
Many attacks, including BEC scams, rely on compromising a single email account. Requiring MFA for email and file sharing accounts can drastically reduce the risk of unauthorized access.
Always verify changes to banking information with a phone call - never rely solely on email. Reduce the risk of wire transfer fraud by creating internal protocols for approving and documenting these changes.
Use both on-site and cloud backups. Ensure backups are tested regularly and are protected from ransomware encryption.
If you don’t have an in-house IT department, consider working with a managed IT service provider who understands the needs of construction firms. They can help provide IT support for general contractors by setting up firewalls, providing endpoint protection, patch management, and ongoing monitoring to stop threats before they cause damage.
In construction, delays cost money - and cyberattacks cause delays. Whether it’s ransomware locking up blueprints or payment fraud draining your project funds, cybersecurity must be part of your business plan. With the right awareness, policies, and support, your business can become a much harder target.
Don't wait for an attack to expose the gaps in your defenses. We help construction companies across the Midwest protect their operations, their clients, and their reputations. Let’s meet to review your current setup and recommend practical next steps.
