Cybercrime not only endangers projects, it can mean financial loss, liability and reputational damage for AEC businesses. Here's where to find the technologies that are fighting back
The built environment plays a critical role in the most important issues facing society, from climate change to inequality and social justice.
Digitalisation offers one way for today’s designers and builders to seize the exciting opportunity to rethink the buildings and infrastructure we all depend on.
But technology also creates new risks. In the building sector and beyond, cyberattacks are a growing concern. Complaints reported to the FBI’s internet crime team between 2016 and 2020 resulted in losses of $13.3 billion, with the number of incidents rising steadily each year.
All signs point to continued increases, given the significant rewards and low risk for cybercriminals.
Cybercrime and the AEC sector
For AEC firms, the risks associated with online attacks range from financial loss and business interruption to reputational damage and liability.
Cybercrime can also jeopardise the buildings and infrastructure AEC professionals dedicate their professional lives to creating.
As US Civil + Structural Engineer magazine warns, 'Consider, for instance, if a hacker can access the design files for a bridge under construction and holds that information for ransom. Or imagine if a cybercriminal obtains design information that will allow access into a bus rapid transit system. The hacker can then tap into the transit agency’s network and create mass disruption.'
In a recent survey of global construction professionals conducted by tech company JBKnowledge, 13 per cent of respondents said they had experienced a data security breach within the past year.
Many also reported a failure to adopt safeguards such as securing personal devices that employees use for work, purchasing cyber liability insurance or requiring cross-platform authentication.
Building a digital defence
In an essay published by the AIA Trust, a risk management body affiliated with The American Institute of Architects, security experts write about the five key pillars of digital defence: governance; policies and procedures; infrastructure and standards; people and training; and relationships.
In practice, these translate into actions such as commissioning risk audits, regularly educating employees about cybersecurity and proactively identifying lawyers and other service providers who will be needed if an attack occurs.
Internal training efforts should help employees understand not only how to prevent cybercrime, but also how to react when breaches occur.
HP AEC community member Josh, an architect in the US, reports that his firm’s cybersecurity efforts benefit from an atmosphere of trust and respect. 'We have a culture of being open and understanding so people are not hesitant to report when they accidentally do something,' he says.
The importance of endpoint security
One vital element of the infrastructure pillar described in the AIA Trust essay is endpoint security. Endpoints are devices that allow users to access the company’s network: laptops, smartphones, tablets and the like.
This extends to printers as well. Cybercriminals can exploit printer vulnerabilities including unprotected network connections, software and ports to gain access to networks and data. Despite this, 78 per cent of companies fail to monitor their printers for security threats, according to a survey commissioned by HP.
Architect JoAnn notes that when Covid-19 emerged in early 2020, her firm upgraded its endpoint security and firewalls to gain more control over who had access to its server. But endpoints remain a concern.
Seamless printing with seamless protection
Security is a must as architects, engineers and contractors take on today’s biggest challenges. This is why HP produces the most secure plotters on the market*.
HP large format printers feature an embedded firewall that forbids any outbound connections that could give an attacker access to sensitive information. HP Connection Inspector continuously monitors the connections made by the printer to the internet, detecting suspicious patterns from malicious software connections.
The system acts on them, self-healing the system and preventing malware from causing any more damage. Because this is an embedded feature, malware cannot override it.
In addition, HP Sure Start detects and prevents the execution of malicious code and self-heals the basic input/output system (BIOS) in the event of a malware attack.
For more information and techncial support, visit hp.com
Isabella Delle Donne, marketing manager, HP Large Format Printing North West Europe
* Applicable to the HP DesignJet T1700 plotter series, HP DesignJet Z9+ PostScript printer series, HP DesignJet Z6 PostScript printer series, HP DesignJet Z9+ Pro printer , HP DesignJet Z6 Pro printer series, HP DesignJet XL 3600 multifunction printer series, HP DesignJet T2600 multifunction plotter series, HP DesignJet T1600 plotter series, HP PageWide XL printers and HP PageWide XL Pro printers. Advanced embedded security features are based on an HP review of 2021 published embedded security features of competitive printers and plotters, as of March 2021.