Why Cybersecurity Matters in Construction — Part 1 of 2

March 17, 2021 - 11:29am

Article written by Kati Viscaino on the Viewpoint blog

Read a real-world example of a contractor’s experience with a cyber attack and the steps it took to thwart the next attempt.

Atlanta, Ga.-based E.R. Snell Contractor, Inc. thought its chances of being the victim of a cybersecurity attack were slim. In September 2020, however, the company found out what many businesses have learned: a data breach can happen to any organization.

With an annual project volume between $200,000 and $400,000, E.R. Snell — like most businesses — can’t afford to deal with a significant business disruption, which is why more and more contractors are putting the proper cybersecurity resources in place to help protect their operations from growing cyber threats. Justin Snell, E.R. Snell’s vice president of technology, recently sat down with Mike Dooley, Viewpoint’s information security officer, to discuss the recent cybersecurity event at the company and how it was addressed.

Pre-Attack

Prior to the attack, E.R. Snell had approximately 90% of its software system on-premises with the other 10% in the cloud. To prevent cybersecurity threats, the company invested in cyber insurance that provided anti-virus protection, but not endpoint detection and response (EDR). Both the cloud and on-prem servers were backed up daily. However, in the case of an emergency, E.R. Snell relied on access to these backups in order to initiate a basic recovery plan.

The Sunday before Labor Day, E.R. Snell began receiving alerts from its anti-virus system. Cyber criminals had encrypted the company’s on-premise servers and deleted almost all of the cloud backups. Due to the company’s lack of a stringent password policy, the hackers were also able to compromise an employee’s email account, place a key-logger on the on premise mail server and gain administrative access. Through the chat service, the hackers then demanded a ransomware payment through bitcoin.

Cyber Attack Response

With no time to spare, the executive team at E.R. Snell gathered on Labor Day. Within 24 hours, Snell said, they had hired an incident response team and attorney. Luckily, the company was prepared with cyber security insurance and were able to quickly make a claim. The company worked with Viewpoint (it’s provider of construction and financial management solutions) to move its Vista ERP to the cloud — where both stronger real-time data and data security measures could be realized — and set up environments for the estimating and operations software through Azure.

Multi-factor authentication was also set up on all critical accounts, including email. During these processes, all backups being held for ransom were recovered, giving E.R. Snell the freedom to ignore the ransom demands.

Though the company was able to learn and avoid paying the ransom money, R.E. Snell was far from being untouched by the attack. More than $800,000 in insurance and betterment fees were paid out, in addition to multiple days lost days of work. Due to the lack of available software, multiple departments had to turn to manual processes that required excess time and resources. Throughout the three weeks of triage, R.E. Snell hired an outside accounting firm to rebuild five months of data and an outside IT firm to rebuild more than 200 computers. From beginning to end, it took three months to completely rebuild all the missing data.

Post-Attack Adjustments

Since its recovery, E.R. Snell has made several companywide adjustments. One of the biggest changes the company made was moving 80% of its systems to the cloud and keeping only 20% on prem. Additionally, knowing the importance of being prepared and ready for future attacks, the company has incorporated more data security measures into its annual budget. Before the attack, the company was spending $20,000 to $30,000 a year on security. Now, it budgets between $100,000 and $120,000 toward cyber security preparedness.

E.R. Snell partnered with Crowdstrike to ensure a variety of security services were up and running, including antivirus protection, EDR and threat hunting.To provide further protection, the company also implemented Office 365, enabled multi-factor authentication, provided monthly phishing tests and training, began enforcing a password policy and completes frequent evaluations of server health.

“Technology evolves so fast, and you have to not only stay ahead of the competition, but you have to stay ahead of threat actors. If anything, this was a sobering experience of understanding the threats,” said Snell.

No company, no matter how large or small, should feel that they are immune from being a target of cyber attacks. In the second part of this blog, we will dive into cybersecurity best practices that every organization should consider implementing. In the meantime, listen to E.R. Snell’s full story here:

 
 
 
 
 
 
 
 
 
Best Practices

What Our Clients Say

"Thank you for your assistance/responsiveness to assist us in getting P6 back online so quickly today. We appreciate all the support you provide."

M.J. (Manufacturing Firm)

"We appreciate Tim and all of his excellent support."

M.J. (Manufacturing Firm)

"I want to let you know how grateful we are for Robert Pacheco’s assistance. He was able to meet with me and discuss the issue promptly and complete the fix within a short amount of time. He is surely an asset, and we are thankful to have such a great resource."

Marques General Engineering, Inc.

"The level of service CDP provides is exceptional and always far exceeded my expectations. You can quote me on that!"

The Wesson Group LLC

"Kristen is a very valuable resource for us!"

LCI-Lineberger Construction Inc.

"Greg is terrific, and I’m so excited to have a better resource! I have him working on several projects now with many more to come."

Progressive Plumbing

"It’s a pleasure working with Robert. He's very patient, knowledgeable and goes far beyond to help with any issues we have as a company or as an individual."

HL Contractors

"I wanted to let you know Dan did a great job. He has a vast amount of knowledge, and I feel very fortunate to be working with him."

H.F. (Mechanical Contractor)

"He did a great job online and an equally great job in person. We’re enjoying working with our new Spectrum Viewpoint accounting software."

Chambliss & Rabil Contractors, Inc.

"Michael and Matthew have exceeded my needs and expectations. I get help same day 95% of the time, which is very important in my business at times. They are professional and courteous 100% of the time. Zero complaints."

Mitchell Brothers

"Beth is absolutely wonderful to work with! I appreciate her patience and professionalism. It’s a relief to know I can count on her to respond and be a life line for us as we continue to learn the system. She is truly top notch."

Eastbound Mechanical

About CDP

We understand your business because we have worked in your industry. The real world experience of our expert staff allows us to implement solutions tailored to the unique needs of your company.

Our extensive experience since 1981 fulfilling the needs of Project-Centric organizations, has shown the one certainty is: “All Customers Are Not The Same”. Your needs are different, because of your industry, expertise, people and processes. CDP works with you to address both long-term and short-term business objectives.

Read more about CDP

Products

Spectrum Construction Management

Trimble ProjectSight

Vista - Integrated Construction ERP

Arcoro HR Management

BuildOps

Oracle | Primavera

Phoenix Project Manager

InEight Estimating and Project Cost Management

Unanet CRM

TopBuilder

Prophix

PRC Software

See Partners

Contact CDP

Phone:  800-648-0527
info@cdp-inc.com

Contact

Privacy Policy

 

© 2023 CDP, Inc. All rights reserved.

Designed and powered by OpenSpark