Cyber Lessons for the Construction Sector:
The Ukraine Example

In December 2015, Ukraine experienced a major cyberattack, causing an unexpected and alarming blackout. Three major electricity companies were incapacitated, leaving 225,000 Ukrainians without electricity for about six hours. This incident serves as a benchmark for the severity and scope of cyber threats that can affect other vital sectors, such as construction.

cyberattaque Ukraine black out électricité

Preparation: The Genesis of the Attack

This attack was neither random nor spontaneous. Behind the chaos was a finely crafted malicious strategy. Hackers closely linked to the Russian government aimed to instill fear among the Ukrainian population.

The first phase was information gathering. They employed sophisticated phishing techniques. Phishing is an online scam attempt where fraudsters try to impersonate a trustworthy entity.

This phase involved sending seemingly legitimate emails to the staff of the electricity companies. These messages contained attachments that, once opened, released the BlackEnergy malware. The silently deployed malicious elements were pre-configured to collect important data on internal networks. This allowed the attackers to penetrate, explore, and analyze the computer systems.

Execution: A Devastating Blackout

The attack’s execution phase was swift but dreadfully effective. By remotely manipulating control commands, this malware operated silently, allowing the attackers to lock the systems and block any recovery attempts, thus maximizing their offensive impact. The hackers then triggered massive power outages, plunging entire regions into darkness for nearly six hours.

Repercussions: A Profound Impact on Cybersecurity

The 2015 attack in Ukraine was a defining moment in cybersecurity, influencing policy, regulation, international cooperation, and the global awareness of cyber threats and how to counter them.

It alerted governments, businesses, and the public to the danger of cyberattacks against critical infrastructures. Moreover, the international community realized that electric grids and other essential infrastructures are vulnerable to malicious attacks.

The incident also stimulated international cooperation in cybersecurity. Countries around the world began to collaborate more closely to share threat information and develop common strategies to prevent and respond to cyberattacks.

Lessons for the Construction Sector Facing Cyberattacks

Like electric grids, the construction sector relies on interdependent digital technologies, thus exposing its operations to high risks of cyberattacks. Malicious intruders could have the ability to modify architectural plans, causing significant delays, unforeseen costs, and security challenges.

Beyond the classic extortion via data ransom, the motivations of these cybercriminals are often more obscure than they appear. While you attempt to recover or restart your activities, these cybercriminals are selling your stolen information on clandestine digital markets, like the darkweb.

Additionally, the consequences may also include:

Loss of Intellectual Property: Construction plans, innovative work methods, and other intellectual properties can be stolen, resulting in a loss of competitive advantage.

Client Confidentiality Breach: Sensitive client information can be exposed, leading to legal disputes and regulatory sanctions.

Disruption of Equipment and Software: Attacks can disable or damage important hardware and software, thus hampering daily operations and project progress.

Virtual Sabotage: Hackers can manipulate data and plans, leading to costly and potentially dangerous construction errors.

Deterioration of Partner Relationships: Trust between the company and its suppliers, partners, or subcontractors can be eroded, affecting future collaborations.

Organizational Stress: The entire organization can experience significant stress, affecting employee morale and productivity.

Protecting Yourself Effectively

In today’s digital industries where cyber threats are omnipresent, deploying preventative protective measures is essential to safeguard effectively. That’s why anticipation is the first essential line of defense against these threats.

Staff training plays an important role, promoting a deep understanding and recognition of the risks associated with cybersecurity. It is also imperative to establish rigorous data governance. This governance requires meticulous control over who has access to information and also defines how this data is shared and manipulated. To ensure optimal security of your data, these security measures must be complemented by quality encryption tools, such as those offered by ScredIn.

By choosing a trusted partner like ScredIn, your company can navigate through digital security challenges with peace of mind. Specializing in automated encryption and decryption solutions, ScredIn ensures the security of data and communications between stakeholders in the construction and engineering sectors. These solutions minimize the risks of human error, thus allowing your teams to work in complete tranquility and confidence.

For advice adapted to your context or a customized demo.

Find out more about our products
Enjoyed this article? Share it!
Picture of Haneen HAMDAN


Business Developer at ScredIn
I talk about cybersecurity, with a focus on construction and digital engineering.