Companies in the Architecture, Engineering & Construction (AEC) industries are more than twice as likely to suffer from a ransomware attack, compared to companies in other industries, a new report from cloud security firm Egnyte suggests.
Analyzing numerous reported incidents, Egnyte found that almost a third (31 percent) of victims are attacked at least twice every 16 months. A “small number” are attacked even more frequently, the company added.
Being a large American firm makes a company a popular target, the report states, with North American companies with at least 1,000 employees at the highest risk of attack.
Being schedule-driven is also a major factor, as criminals often prey on firms that cannot afford delays. Furthermore, AEC firms have many remote workers and outside contractors with whom they share data, and that only increases the number of potential entry points.
Finally, Covid-19 has tightened up profit margins for many of these companies, making them more likely to pay the ransom in order to return to operation, the report concluded.
“The threat of ransomware continues to rise as economic and technological factors make AEC firms prime targets for threat actors,” said Ronen Vengosh, VP of AEC, Egnyte.
“Firms need to invest in a holistic defense program which is a combination of the right prevention technologies, content governance, and user-education so they can mitigate potential attacks and avoid any business disruptions.”