Cyberattacks are increasing in the construction industry. These attacks can shut down business operations, cause reputational damage and result in costly litigation and fines.

But what could a cyberattack mean for your business? We provide an overview of the primary cyber threats impacting construction organizations, according to Advisen data, as well as an outline of associated risk mitigation strategies.


The construction industry is an appealing target for cybercriminals. This is due to a number of factors, including:

  • Reduced cyber preparedness—The construction sector remains largely unregulated with regard to cybersecurity and privacy. As a result, cyber preparedness hasn’t been prioritized by many in the industry. In fact, according to an IBM study, 74% of construction organizations aren’t prepared for a cyberattack.
  • More desirable data—Construction firms store large amounts of sensitive business data and personal information, making them lucrative targets for cybercriminals. If this data is improperly accessed, it may result in reputational damage, regulatory fines, and related lawsuits.
  • Increased adoption of technology—Many of the devices used by construction companies to increase workplace efficiencies (e.g., asset tracking, machine control, and worksite security) are vulnerable to cyberattacks.
  • Elevated third-party exposures—Construction companies frequently work with multiple vendors or third-party contractors, increasing their cyber exposures. After all, a data breach within any one of these partnered companies could result in widespread cyber losses.

Cyber Losses in Construction by Accident Year



Advisen data shows cyber losses in the construction industry have risen since 2010, with the most dramatic increase occurring in 2020. The decrease in 2021 is likely due to a data lag and therefore may not be representative of an actual decline in cyber losses.

The spike in 2020 may be partially due to an increase in cyberattacks overall. According to the FBI, cyberattacks increased by 400% in 2020.

Top Cyberthreats

Cybercriminals use a variety of methods to attack construction enterprises. Here are the most common types of cyber losses in construction:


Construction Losses by Type


Unauthorized contact or disclosure is the most common type of cyber loss in construction, accounting for 44% of recorded losses. These losses include any event in which information is exposed to unauthorized parties. Malicious data breaches and ransomware attacks account for 30% and 10% of the remaining cyber losses, respectively.

While ransomware attacks currently only represent the third-most frequent type of cyber loss in construction, such attacks are a growing concern. In fact, a recent survey found construction was the top industry targeted by ransomware in 2021.

Construction Losses by Source



Cyberattacks in the construction industry most frequently originate from attacks on company servers, according to Advisen data. Telephone communications and emails are the second and third-most frequent sources of cyber losses in the construction industry.



Construction Losses by Information Targeted



Personal identifiable information (e.g., names, Social Security numbers, and driver’s license numbers) are targeted in 60% of cyberattacks in the construction sector. Personal financial information and personal health information are targeted in 36% and 4% of cyberattacks in the industry, respectively.



Notable Losses

Notable cyberattacks on construction enterprises in Advisen’s database include:

  • Bird Construction—In 2019, Bird Construction was allegedly targeted by MAZE cybercriminals. The hackers stole 60 gigabytes of data, including Social Security numbers, banking details, names, email addresses, and health information.
  • Bouygues Construction—In 2020, cybercriminals allegedly breached the server of Bouygues Construction. As a result, the entire company network was shut down. The cybercriminals allegedly stole 200 gigabytes of data and demanded a $10 million ransom.

Between response costs, potential ransom payments, and associated fines, cyberattacks can quickly cost millions of dollars in damage.

Risk Mitigation Strategies

Although cyber threats are prevalent, there are steps construction companies can take to minimize their risks. Here are some strategies for companies to consider:

  • Conduct training. Educate employees on how to recognize potential cyberattacks. Provide clear instructions for employees to follow if they believe a cyberattack has occurred.
  • Prioritize supply chain management. Identify the risks of working with external organizations. Consider creating legal contracts with contractors and third-party businesses to address cyber risk management.
  • Have a plan. Develop and practice a cyber incident response plan. This should include identifying an internal and external response team, clarifying the roles and responsibilities of key team members, and anticipating critical business continuity measures and workplace safety issues.
  • Purchase proper insurance. Speak with a trusted insurance professional to secure sufficient coverage for cyber losses.


Cyberthreats have become increasingly common among construction enterprises. As such, proper risk mitigation strategies are necessary to reduce the risk of costly cyberattacks. For more information on reducing cyber risks, contact us today.