If data security, online privacy, and identity theft aren’t top concerns in your organization, they should be.
More today than ever before, hackers are using sophisticated efforts to steal information from companies and to commit identity theft and fraud. And while all industries are at risk, the construction industry is becoming a greater target. For example, according to a report by Nordlocker, an encryption software firm, the construction industry has the highest number of ransomware attacks. TechTarget explains ransomware as “a type of malware that locks and encrypts a victim’s data, files, devices or systems, rendering them inaccessible and unusable until the attacker receives a ransom payment.”
Ransomware is only one type of cyber attack.
Hackers use data breaches to steal valuable information — such as email accounts, names, birth dates, and phone numbers — then use that information to gain access to personal accounts. The best way to avoid being taken in is for organizations to have good security procedures and policies in place and for everyone to follow them.
Here’s what you need to know in order to avoid getting hit by a cyber attack:
- Know your weaknesses. You need to stay up-to-date on the latest tech security news to know if you’re vulnerable. Watch out for news about malvertising attacks and ransomware scams. You also need to pay close attention if you’re part of a larger attack, such as the memorable Equifax breach.
- Know how to spot a phishing scam. You might be surprised. A phishing scam can come in the form of an email, link, or even a telephone call. Cybercriminals will use whatever means they can to install malicious software or access your accounts to steal your personal information. Watch for suspect emails with bad links (and don’t click them!), phony security alerts, fake websites, and out-of-the-blue phone calls where someone says that they can help you solve a computer, account, or software issue.
- Know what’s going into your spam and trash folders. If hackers do start trying to access your accounts, one of the first things that can happen is that they’ll reset your passwords to critical accounts (banking, or others) and set a filter so that any email notifications about the changes bypass your inbox. Always watch your company’s email account for unusual activity, and if you see anything strange – such as trash or spam folders emptying themselves — change your password immediately. (In this case, you’ll also want to check your banking and other critical accounts.)
- Know how to manage your passwords. Activate two-factor authentication whenever possible. And make sure your people use strong passwords — a different one for each account. Encourage them to refrain from using a variation of the same password, too. You’ll also want to make sure passwords are changed regularly.
- Backup and Disaster Recovery Planning. In the unfortunate event of a ransomware attack, having a robust backup and disaster recovery plan in place can save you from significant losses and disruptions. Regularly backing up critical data and storing it securely offsite or in the cloud ensures that you can quickly recover from an attack without succumbing to the attackers’ demands.
Remember, investing in cybersecurity is an essential proactive measure that can help mitigate the risks of a cyber attack like ransomware. By prioritizing employee training, implementing robust security measures, controlling access and privileges, having backup and recovery plans, and staying informed, commercial construction contractors can fortify their digital defenses and safeguard their critical data and operations.