With ransomware attacks making headlines, construction managers at organizations of all sizes are increasingly asking, “Are we vulnerable too?” or even “Are we next?” 

According to the U.S. Cybersecurity & Infrastructure Security Agency (CISA), “Ransomware is an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. Ransomware actors often target and threaten to sell or leak exfiltrated data or authentication information if the ransom is not paid.”

Although there are various measures that construction businesses can take to reduce the risk of becoming a ransomware victim—which can involve a loss of data and production for an indefinite period until it is resolved—managers shaken by the scope of the problem are increasingly turning to expert third-party cybersecurity firms for guidance and protection.


When Colonial Pipeline was targeted by the DarkSide gang in a ransomware attack this April, it disrupted gas supplies along the U.S. East Coast, causing widespread shortages in multiple states. Colonial Pipeline paid $4.4 million dollars in bitcoin to release their billing system and internal business network, although U.S. law enforcement later recovered much of the payment.

Global ransomware damage costs are predicted to hit $20 billion in 2021, up from $11.5 billion in 2019, $5 billion in 2017, and just $325 million in 2015, according to the Cisco/Cybersecurity Ventures 2019 Cybersecurity Almanac.

Cybersecurity Ventures, the world’s leading researcher and a trusted source for cybersecurity facts, figures, and statistics, expects that businesses will fall victim to a ransomware attack every 11 seconds in 2021, up from every 14 seconds in 2019, and every 40 seconds in 2016.

Concern over the danger to businesses has even risen to the international stage. NPR reports that at a recent summit in Geneva, “President Biden called on Russian President Vladimir Putin to crack down on cybercrimes. But the Russian leader has shown little interest in combatting an emerging criminal industry in his country that’s called ‘ransomware-as-a-service.’”

In the battle against ransomware, the challenge is that essentially any construction business with older PCs, networks, firewalls, or operating systems is vulnerable, particularly those that do not immediately update to the latest software to “patch” security issues, according to Yuriy Tatarintsev, manager, technical operations at BTI Communications Group, an IT cybersecurity and technology convergence provider that services clients nationwide. 

“Even one PC running an older, unsupported version of Windows can be a chink in the defensive armor that invites intrusion,” states Tatarintsev.


The fight against ransomware begins with having a companywide process to ensure that all machines are patched with the latest security updates from Microsoft and other applications as soon as they are released.

Next, defending critical construction business processes from attack goes beyond simple anti-virus protection that solely reacts to known threats, and that leaves operations vulnerable to yet unidentified risks.

“We recommend a new generation of advanced antivirus software that does not always depend on identifying known threats or ‘signatures.’ Instead, such software uses artificial intelligence to analyze which PC programs and processes are affected and as soon malicious activity is detected, stops it,” explains Tatarintsev. 


According to Tatarintsev, email security is also of critical importance today because insufficient precaution in this area is perhaps the leading cause of companies getting ensnared in ransomware.

“Statistically most construction companies acquire ransomware when an employee receives a suspicious email that seems legitimate and clicks on an embedded link. This starts the ransomware attack, which then spreads throughout the company network,” says Tatarintsev.

To protect against this hazard, Tatarintsev recommends that construction businesses use advanced email spam protection tools that offer significantly more defensive capability than earlier, more rudimentary options.

“The advanced tools not only filter out all potentially malicious emails, but also stop users from going to dangerous website destinations by clicking on links that could start a ransomware attack,” he says. He explains that the tools rewrite all the embedded link Uniform Resource Locators (URLs). So, if a user clicks a URL in an email, instead of linking to a potentially dangerous website, he or she is redirected to a safe location or “sandbox.” The URL is analyzed to determine if it is dangerous, and if it is safe the user is allowed to go to the original website destination.


If all these defenses fail and ransomware does infect and shut down a construction company’s IT network, a reliable back up system should be in place that can quickly restore all critical data.

“If a business’s vital server data is encrypted by ransomware, with a good backup solution data can be restored from the backup,” says Tatarintsev. He notes, however, that some data will be lost, depending on the frequency of backup. Unless these are virtually continuous, a day or even a week or more of current data could be lost.

Care is a must when data is transferred and saved to keep ransomware from having access to network storage sites.

While construction businesses can attempt to fight the growing scourge of ransomware in-house, most IT departments do not have the time, resources, or expertise available to deter the constantly evolving threat on a 24/7 basis.

As an alternative, an increasing number of construction businesses are cost-effectively protecting against ransomware by outsourcing to professional, third-party firms like BTI Communications Group that remotely and continually provide layers of protection with a comprehensive, integrated IT approach to continually deter and detect threats, as well as resolve vulnerabilities. 


With the menace of ransomware continuing to escalate, construction businesses of all sizes would be wise to examine options for deterring the threat before being victimized. 

For More Information:

For more about BTI Communications Group, visit www.btigroup.com.

Modern Contractor Solutions, September 2021
Did you enjoy this article?
Subscribe to the FREE Digital Edition of Modern Contractor Solutions magazine.