Fifty percent of the construction companies on mainland UK are in the East and Southeast of England. Construction is big business in The East of England and is a vital part of the regional and national economy. House building and infrastructure lead the way across our region, and it is a sector that is set to grow significantly over the next 3-5 years. And with critical national infrastructure projects like the Lower Thames Crossing and Sizewell C yet to start it is an exciting time to be part of this busy sector.
But increasing business, more reliance on technology and general poor standard of cyber hygiene means that they are also a sector that are likely to attract the attention of cyber criminals.
Across all sectors phishing is by far the most common cyber-attack. In fact, Metacompliance found that 91% of cyber-attacks started with a phishing campaign – and weak passwords coupled with a lack of multi factor authentication are huge vulnerabilities that will allow criminals into your network. After they get access to your network they can steal your data, extort you to get it back, and they can use you as jump off point to attack your customers and your supply chain.
As the Chartered Institute of Building (CIOB) CEO Caroline Gumble said: “The consequences of poor cyber security should not be underestimated. They can have a devastating impact on financial margins, the construction programme, business reputation, supply chain relationships, the built asset itself and, worst of all, people’s health, and wellbeing.
The below graphic represents the time it would take for a cybercriminal to hack (brute force) a password using current technological capabilities.
Credit: Hive Systems - ,hivesytems.io/password
Passwords should ideally be in the green section of this table, but if one of your current passwords is in another colour - do not worry. We would just advise that change it to something more secure and unique. With the rapid advancements in processing power, areas in the orange section may look secure right now, but it the next couple of years, they may become much weaker.
The NCSC recommend use three random words followed by punctuation to create a secure and unique password. To find out more about passwords guidance, click here.
Two Factor Authentication (2FA) and Multi Factor Authentication (MFA) are incredibly useful in protecting your systems, accounts, and devices.
2FA and MFA are essentially two or more methods that can verify your identity. A cybercriminal may be able to crack your username or password, but they do not have your fingerprint, Face ID, or your mobile phone to authorise a log in attempt on a mobile authenticator app.
2FA follows the idea of using a combination of two of ‘Something you know’, ‘Something you have’, and ‘Something you are’. So, you might have a password that you have remembered, a physical identification token like a badge, and a fingerprint scanner. Often times the ‘something you have’ will take the form of a different device, like a mobile phone, in order to verify your identity when connecting to services online.
By enabling MFA across your systems, accounts, and devices you are providing an additional layer of defence to protect you from a cyberattack.
You can contact the Cyber Resilience Centre for guidance and support through our e-mail or use our online booking system to make an appointment with one of our team.
Core members receive regular updates which include the latest guidance, news, and security updates. Our core membership has been tailored for businesses and charities of all sizes who are based across the seven counties in the East of England.
Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).
Click to Open Code Editor