UK Construction Firms Face Cyberattack Following Dark Web Data Leak
The login credentials of more than half a million employees working in the UK’s construction, architecture and property development sectors have been discovered on the dark web.
More than 600,000 breached company email login details from the UK’s leading construction, architecture and property firms are readily available to criminals on the dark web.
Cybersecurity firm RepKnight found the stolen credentials using its Dark Web monitoring tool, BreachAlert. Its investigation was part of its campaign to raise awareness of the dangers of the dark web among enterprises.
Architecture and property development
More than 450,000 of the breached credentials were from the UK’s leading construction firms. A further 110,000 were linked to top UK architecture firms and slightly more than 47,000 were associated with property developer firms.
These breached credentials can be used by cybercriminals to gain unauthorised access to a host of sensitive corporate information, including tenders, proposals, plans, drawings and client data, which could severely damage a business.
Cybercriminals can also research the compromised credentials against public information such as LinkedIn profiles, to identify strategic targets within an organisation. Then, accessing the target’s email without having to change passwords or raise suspicion enables cybercriminals to redirect (exfiltrate) internal and external emails to an account under their control. For example, RepKnight recently assisted a large client that had more than 5,000 emails re-directed to an unauthorised person in a five-day period.
Patrick Martin, cybersecurity analyst at RepKnight, said: “With the growth in digital information sharing across the construction project lifecycle, the possibility of a data breach occurring at some stage becomes ever more real.
“Because of this, these firms must ensure that they have ‘high visibility’ of their data at all times and have safety measures in place to protect it – especially because most of their sensitive data often lives outside the firewall. Monitoring for cyber-attacks or data breaches inside their corporate network is no longer enough, as it is possible that a breach can happen anywhere across the entire supply chain of your business.
“As such, dark web monitoring technology is crucial to dealing with the threat of data breaches – giving firms the ability to monitor millions of dark web pages and associated dump sites, and acting as a ‘burglar alarm’ for their data.”