Recently it has been discovered that over 600,000 breached company email credentials from the UK’s leading construction, architecture and property firms are readily available on the dark web.
Of the email credentials available, more than 450,000 of the breached credentials were from the UK’s leading construction firms. 110,000 were linked to top UK architecture firms and just over 47,000 were associated with property developer firms.
Coupled with this leak, cybercriminals can use publicly available information like LinkedIn to strategically target specific individuals at certain organisations.
Security practice lead at MTI, Andrew Tang said “This data breach will have a significant impact on the construction industry. Without a full understanding of the breach, it’s difficult to know whether web application testing, data encryption, privilege account security or data loss prevention solution could have prevented or minimised the breaches. This level of data breach will leave construction organisations open to phishing, spear phishing, whaling or water holing attacks. Organisations should consider awareness and training to assist in minimising successful attacks”.
About our Cyber Security Series of articles
Our Security teams have identified common challenges organisations face when dealing with Cyber Security threats. This series of articles aims to help readers identify and address these risks. The most common and often overlooked aspect of cyber security, are people and the risks they pose across the organisation.
Whether knowingly or unknowingly, human beings are often the most common cause of IT security breaches and even if a business has robust, multi-layered IT security technology solutions in place human action can make these redundant and expose an organisation to real risk.
In this first series of articles, we look at key user types or roles inside an organisation as well as typical profiles that pose risks from outside an organisation.
Ignore them at your peril – they’re often the cyber criminal’s easiest way through your technological defences.