NEO Contractors Targeted by Ransom-Seeking Hackers

Did you remember to lock the side door? What about the windows? Who has your company's keys, and which doors do they unlock?

Multiple Northeast Ohio contractors have recently been hacked and temporarily incapacitated until significant monetary ransoms were paid to the online thieves. Having hit Fortune 500 companies like Sony, Target, and Equifax, online criminals are now finding easy targets in construction. 

Attacks come in different forms. Sometimes the thieves fool your accounts payable department, or your customer's, into changing the bank routing instructions for the project your company is constructing. We have seen very realistic emails that use proper names, email addresses, and project names and are routed to the correct contacts within your customer's office, and these attempts have worked.

More recently, regional contractors who have more I.T. resources than most have had their data stolen and computer systems held hostage after hackers infiltrated their servers through authentic-looking email attachments opened by an employee. In one of these instances, the contractor was without email for more than a week, was without an E.R.P. and accounting system for several weeks, and had to completely rebuild its multi-office network while scrambling to pay its field workforce and subcontractors on jobs in progress. The criminal in this instance in effect decided to burn down the house after stealing all of the jewelry.

Fortunately, both companies had the right type of cyber coverage, which is helping them make it through these extremely tough situations. 

  1. Do you have the right cyber coverage?
  2. Who, in your company, has the "keys" to the digital house? 
  3. Do you know what your company's weaknesses are?

If you have any doubts about how secure your company is, here are a few things you should do:

  1. Talk to your insurance broker to make sure you have the right cyber and "social engineering" coverage.
  2. Ask your insurer to do a security assessment on your company.
  3. Talk to your I.T. professional about increasing security measures such as requiring 2-factor authentication, using virtual private networks (VPNs), using cloud-based business software, and using more sophisticated A.I.-based malware protection.