Under siege: defend against emerging cyber threats

From large-scale infrastructure projects to manufacturing operations, the architecture, engineering and construction (AEC) industries depend on data and digital systems to operate efficiently. As a result, they have become increasingly vulnerable to emerging cyber threats. In Australia, where digital transformation in the AEC industries is rapidly evolving, cybersecurity has become a pressing concern.

Ransomware: A Major Disruptor

Ransomware attacks have risen sharply in recent years, with the AEC industries being particularly vulnerable. These sectors often rely on complex, interdependent networks and critical operational systems. A successful ransomware attack can cripple operations, leading to downtime, missed deadlines, and significant financial losses.

A 2021 report from the Australian Cyber Security Centre (ACSC) highlighted that ransomware was the most common type of cyber incident reported by businesses in Australia. The construction industry, in particular, is frequently targeted because of its reliance on digital blueprints, project management systems, and sensitive client data.

Solutions:

  • Regular backups: Ensure that critical systems and data are backed up frequently and stored in isolated environments.
  • Endpoint protection: Use advanced endpoint detection and response (EDR) tools to identify and mitigate ransomware attacks before they cause widespread damage.
  • Incident response plans: Develop and regularly update a comprehensive incident response plan, so your business is ready to act quickly in the event of an attack.

Phishing and Social Engineering: Exploiting Human Error

Phishing and social engineering attacks are some of the most common ways cybercriminals infiltrate businesses. These attacks exploit human error, using deceptive emails or messages to trick employees into revealing sensitive information or downloading malicious software.

In the AECMM industries, where communication is often decentralised and involves numerous contractors, suppliers, and stakeholders, phishing attacks can be particularly effective. A leading cybersecurity report noted that phishing remains a top cause of data breaches across Australian industries. Given the project-based nature of work in these sectors, workers often receive a high volume of emails from unfamiliar contacts, increasing the likelihood of falling victim to phishing schemes.

Solutions:

  • Employee training: Regular cybersecurity training can significantly reduce the likelihood of phishing attacks succeeding. Workers should be taught how to recognise phishing attempts and follow best practices for verifying suspicious messages.
  • Email filtering: Implement robust email security tools that can detect and quarantine phishing emails before they reach employees.
  • Multi-factor authentication (MFA): Enforcing MFA for email and sensitive applications adds an extra layer of security, even if credentials are compromised.

Supply Chain Vulnerabilities: A Weak Link

The supply chain is a critical aspect of the AECMM industries. However, it also represents a significant cybersecurity vulnerability. A cyberattack on one vendor or supplier can expose the entire supply chain to risk. For example, a contractor providing design software could be compromised, resulting in malware spreading to all connected clients.

According to the Australian Government’s 2024 Cyber Security Strategy, supply chain attacks are a growing concern, as they allow attackers to infiltrate networks via trusted partners. The 2020 SolarWinds attack demonstrated how a single compromised vendor could have devastating consequences for multiple organisations.

Solutions:

  • Supplier audits: Ensure that all suppliers and vendors follow strict cybersecurity standards and conduct regular audits of their security practices.
  • Network segmentation: Segregate critical systems from those connected to external vendors or less secure networks to minimise the impact of a supply chain breach.
  • Zero-trust policies: Adopt a zero-trust architecture, where every network interaction is continuously verified, regardless of its origin within the supply chain.

Cloud Security: Balancing Convenience and Risk

Cloud adoption has surged across the AECMM industries as companies look to enhance collaboration, streamline workflows, and store vast amounts of project data. However, cloud services bring unique security challenges, particularly when it comes to data privacy, access control, and compliance.

A 2023 study by the Office of the Australian Information Commissioner (OAIC) found that 35% of data breaches in Australia were linked to cloud misconfigurations. A common issue is the improper configuration of cloud storage, which can expose sensitive data to the internet, leaving it vulnerable to cyberattacks.

Solutions:

  • Cloud security audits: Conduct regular audits to ensure cloud configurations are secure and compliant with relevant data protection laws.
  • Access control: Limit access to sensitive cloud environments using role-based access control (RBAC) and enforce strong authentication measures.
  • Encryption: Ensure all data stored and transmitted via the cloud is encrypted to protect it from unauthorised access.

Industrial Control Systems (ICS): Critical Infrastructure at Risk

Many companies within the AECMM industries, particularly in manufacturing, rely on Industrial Control Systems (ICS) to manage critical operations. These systems, which were once isolated from corporate networks, are now often connected to increase efficiency and allow for remote monitoring. Unfortunately, this connectivity also exposes ICS to cyberattacks.

ICS attacks can cause widespread disruption, with the potential for physical harm, equipment damage, and production halts.

Solutions:

  • Network segmentation: Separate ICS from other networks, ensuring that they are not accessible from the internet or corporate environments.
  • Real-time monitoring: Implement real-time monitoring systems to detect anomalies or unauthorised access attempts in ICS environments.
  • Regular updates: Keep ICS software up to date with security patches to minimise vulnerabilities.

Lessons Learned and Next Steps

Cybersecurity in the AECMM industries is complex, with threats ranging from ransomware and phishing to supply chain attacks and ICS vulnerabilities. NexSys IT has encountered these challenges repeatedly while working with businesses across these sectors. What’s clear is that cybersecurity is not just about implementing the right tools—it’s about building a culture of vigilance, training employees, and continuously improving security protocols.

The organisations that fare best against emerging cyber threats are those that proactively address vulnerabilities through regular audits, employee education, and stringent access controls. While the AECMM industries face specific cybersecurity challenges due to the nature of their work, the solutions available are practical and achievable.

By staying informed and taking preventive measures against emerging cyber threats, IT professionals can significantly reduce the likelihood of a successful cyberattack and ensure their businesses remain secure in a rapidly evolving digital landscape.
