The Rising Cybersecurity Threat to Construction Projects

Historically, the construction industry has been slow to adopt new technologies, this has led to a recent rapid adoption that is increasing efficiency, streamlining operations and improving project outcomes. However, it is also leaving construction companies open to threats that could potentially cause disputes during projects.

The adoption of Building Information Modelling (BIM), the Internet of Things (IoT), drones and advanced project management software have left construction projects vulnerable to cybersecurity attacks. 

What cybersecurity threats are affecting construction?

The construction industry is becoming rich with digital data that cybercriminals are seeking to exploit. Some of the most common ways this data is compromised are through;

Ransomware attacks: Stolen data is encrypted and cybercriminals demand a ransom to release it back to the company.

Phishing attacks: Deceptive emails sent to trick recipients into divulging sensitive information that leads to unauthorised access to systems.

Data breaches: Unauthorised access to sensitive data. For construction companies, this could include project plans, financial information and personal details of employees and clients.

Insider threats: Malicious users are being given access to sensitive data either intentionally or unintentionally by employees/contractors.

How can cybersecurity threats lead to legal disputes?

It is no surprise that cybersecurity threats can lead to legal action, but how can they lead to disputes specifically? As I have emphasised many times throughout these newsletters, construction disputes are often caused by one of three things:

- Costs: Going over budget or running out of money.

- Time:  Projects not completed by the agreed-upon time.

- Quality: The quality standards outlined are not met.

The most common way that cybersecurity attacks could lead to disputes is by delaying projects. These attacks cause construction projects to slow down or, more often, come to a complete standstill. In some cases, if the stolen data includes construction projects, there is a high risk that projects will be delayed indefinitely.

Should the project resume after the cybersecurity attack has been dealt with, disputes could still arise due to the ripple effects of these attacks. The initial delay could incur unavoidable costs to make up for the lost time or corners may be cut that would impact the quality of the completed project. 

While Mercantile Barristers are not cybersecurity experts, we are experts in cases of disputes. We are specialist consultants in law for when the legal issues involved are complex, intricate and so important that the most seasoned expertise in advice and handling is required. 

Barristers are traditionally seen as “stuffy” and “unapproachable” but at Mercantile Barristers our members are modernising legal tradition by refusing to be anything of the kind. We are down-to-earth practical legal experts who are extremely user-friendly. That is why we ensure that we keep up with current threats to the construction industry - such as cybersecurity attacks - so that we are better able to advise our clients.