Northbridge Insurance warns smart construction devices are at risk from cyber attack

Published: September 7, 2017

Updated: July 24, 2018

Author: Luke Jones



Large and small construction contractors are at risk from cybercrime, Northbridge Insurance warns. In a report, the company says companies with “smart” building equipment and engineering drawings for important builds are the most vulnerable.

“Major advancements in digital connectivity have left the construction industry particularly vulnerable to cybercrime,” Northbridge said in a recent blog post “Remotely accessible systems, like Building Information Modeling (BIM), project management software, and autonomous vehicles can create more opportunities” for cyber criminals.

“The digital revolution is a double-edged sword for construction companies,” Northbridge stated in the blog, New cyber risks in the construction industry.

The Toronto-based insurance provider says the most targeted assets are engineering and architectural plans, financial information, personal data, and files. Northbridge says attackers would hold the stolen data for ransom.

“IoT devices, which include everything from cameras to thermostats to smart meters, are generally not built with security in mind,” Cisco stated in its 2017 Midyear Cybersecurity Report, released in July. “Many of these devices lag well behind desktop security capabilities and have vulnerability issues that can take months or years to resolve.”

“IoT devices cannot be accessed easily or at all by their direct owners, making it difficult to impossible to remediate when systems have been compromised,” Cisco cautioned.

“Some of the largest breaches to date began with the compromise and misuse of a single privileged user account,” Cisco added. “Gaining access to a privileged account can provide hackers with the virtual ‘keys to the kingdom’ and the ability to carry out widespread theft and inflict significant damage.”