Are building companies really at risk of DDoS attacks?

After all, the industry's focus is on physical work with bricks and mortar. Surely digital activity is fairly minimal and unlikely to attract cyber criminals - isn't it?

Photo of worker on rebar

Here on the Eastern Cyber Resilience Centre, we have seen that the construction industry has shown a significant reliance on technology over the last decade. There have also been seismic shifts in relation to project delivery and how organizations operate. From office operations to activities on-site, technologies such as cloud storage, email and smartphones are commonplace.

Photo of 3D printer

Digital tools, such as Building Information Modelling (BIM), are becoming increasingly commonplace at the design stage, along with technology such as 3D-printing, remote building monitoring systems, brick-laying robots, and other automated techniques. It is quite clear that the sector is unquestionably operating in a modern, digitized and connected way.


But as the industry progressively embraces modern technologies it cannot afford to ignore the corresponding risks. If unmanaged, cyber risk ultimately threatens to outweigh the benefits gained from continued technological advances. It is a common misconception that because the industry doesn't regularly deal with personal data that it is not a target for cyber criminals. But unfortunately, this is not the case. The industry presents a wide range of attractive opportunities for cyber criminals.


From controlling critical services, to the theft of trade secrets, there are many reasons that a construction sector organization could fall victim to cyber-crime. Tracking cyber incidents can be tricky, especially as a lot of incidents still go unreported. And while the construction sector may experience cyber-crime, unless a breach conforms to strict reporting requirements, the majority will not be publicized. This lack of knowledge-sharing can lead to underestimates of the true nature and scale of cyber exposures. If the industry is unaware of common vulnerabilities, it presents low-hanging fruit for cyber criminals.

The average cost of a data breach currently sits at nearly four million US dollars. Imagine, for example, that your entire library of CAD drawings was encrypted and ransomed, or simply deleted. What would it cost to recommission and replace them all? Then, add the wide range of associated business interruption costs, such as delays to on-going projects and employee overtime. You then begin to see the true impact of a potential cyber incident.


So, what is a DDoS attack?

A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, website, or network by overwhelming it with a flood of Internet traffic.


DDoS attacks frequently come from multiple sources to make their identification more difficult. It can also hinder the victim organization’s attempts to stop the DDoS.


In lay terms it’s like an unexpected traffic jam clogging up the highway, preventing regular traffic from arriving at its destination.


DDoS normally present themselves, as you would expect, by a slowing or crashing of a company’s network or website. Which costs you time, reputation and money and potentially drives your customers to competitors websites.


Pictorial image showing representation of DDoS

Can you protect yourself from these attacks?

DDoS attacks are notoriously difficult to prevent. The attackers don’t necessarily need internal access to the network as the attack is from the outside. They are increasing in complexity and sophistication meaning that defence against these dark arts needs continual review. But the key points for protection to remember are

  1. Know your network's traffic. A free tool that we can recommend here is Police CyberAlarm | The Eastern Cyber Resilience Centre (ecrcentre.co.uk)

  2. Create a Denial-of-Service Response Plan within your incident response plan Tools | Eastern CRC (ecrcentre.co.uk) – one of the areas covered within the Cyber Essential (CE) Program

  3. Make your network resilient and practice good cyber hygiene using CE principles

  4. Scale up your bandwidth. The greater the bandwidth the more effort a DDoS attacker will have to make to crash your site. Moving your operation to the cloud may help.

  5. Take advantage of anti-DDoS hardware and software. Speak to your Managed Service Provider (MSP) if you have one.

  6. Make sure all staff know the symptoms of an attack and respond quickly to it using your plan.

What next?

The impact of a successful attack against your website or network can be catastrophic and lead to website downtime, loss of business and loss of reputation. In the worst cases it can lead to the closure of the business altogether. But all is not lost.


As well as the above tips, join our community for free by clicking through to https://www.ecrcentre.co.uk/core-membership-sign-up. You will be supported through implementing the changes you need to make to protect your business and your customers.


For small and medium sized businesses in the Eastern region consider working towards achieving Cyber Essentials accreditation – the basic government backed kite mark standard for cyber security. Find out more about cyber essentials here.

Cyber essentials logo


Reporting Cyber Crime


Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).


Action Fraud logo