The construction sector is now a prime target for state-sponsored advanced persistent threat groups from countries such as China, Russia, Iran, and North Korea. These actors exploit weak security practices, outdated legacy systems, and the industry’s reliance on third-party vendors to gain access. By targeting Remote Desktop Protocol (RDP), Secure Shell (SSH), and Citrix systems, they can steal sensitive project data, financial records, and proprietary information.
Cybercriminals often use phishing, compromised credentials, and supply chain vulnerabilities to infiltrate networks initially. Once access is gained, they can move laterally across interconnected systems, exfiltrating valuable data like contracts and personal information. Rapid7 researchers have noted a rise in credential trading on dark web marketplaces, allowing attackers to purchase access to compromised networks, significantly reducing the effort needed for initial compromises. As the construction industry rapidly digitizes, the risks increase, making robust cybersecurity measures imperative to protect sensitive information and operations from corporate espionage and ransomware threats.
👉 Pročitaj original: Cyber Security News
