Ransomware Attack: What Is Your Building Worth to You?

As cybercriminals find increasingly devious ways to infiltrate building systems, facility owners, operators and managers need to invest in better cybersecurity measures.

By Bryan Bennett August 19, 2021

Sensitive data held hostage is an all too common theme in the news recently. From SolarWinds to the Colonial Pipeline, cybercriminals have been flaunting cybersecurity gaps in major organizations leading to multi-million dollar ransom payments. While it is tempting for building owners and operators to rest in the false sense of security that they are off the radar of bad actors, Cybersecurity Practice Leader Bryan Bennett says that could be a costly assumption.

According to a 2020 Federal Bureau of Investigation (FBI) internet crime report, cyberattacks are a growing threat for small businesses and the U.S. economy as the cost of cybercrimes climbed to $2.7 billion last year. Bennett says as operational technology (OT), building systems and other internet of things (IoT) devices become more connected to information technology (IT) systems, there are more opportunities for bad actors to exploit cybersecurity vulnerabilities of any size business. According to Bennett, the reason is simple, easy money.

However, Bennett notes the real cost can go well beyond a ransom payment. Businesses can also suffer damage to business continuity, production time, potential customers and reputation. Building owners and operators may lose the trust of tenants. Bennett says investing in a qualified third party agent to uncover cybersecurity vulnerabilities before they are discovered by hackers is money well spent.

In addition to doing a cybersecurity audit every six months, other best practices to protect your facility or business from cybercrime is to train personnel to spot suspicious phishing emails, follow good web browsing practices and create strong passwords. Extra care should also be taken to protect sensitive customer and vendor data and to back up systems regularly.

This originally appeared on ESD’s website. ESD is a CFE Media content partner.

Original content can be found at www.esdglobal.com.


Author Bio: Bryan Bennett, Cybersecurity Practice Leader, ESD