The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Tuesday, 14 July

More Global FM Firms Hit By Cyber Attacks

More Global FM Firms Hit By Cyber Attacks
21st February 2020
 

EMCOR Group and Bouyges are the latest FM companies targeted by malicious software attacks. 

The website of EMCOR Group, the global providers of facility services, remains live and unaffected, but “certain IT systems” have been shut down to contain the issue. 

Bouygues, the French construction and FM services company has also suffered from malware intrusion. It is still being affected by a “ransomware-type virus” from the initial detection on 31 January. As of yet, no further update has been released.

This news comes as ThisWeekinFM revealed ISS World was the target of a massive malware attack. In the week ending Friday 21 February all group websites are currently down. Reuters confirmed that the company’s shares traded down around 3.5% shortly after the announcement.

 

Global FM under attack

 

EMCOR Group revealed in a statement on Thursday 27 February:

“EMCOR recently determined that we were the target of a systems intrusion in which a third party infected certain of the company’s systems with malware.

“As a precautionary measure, we immediately shut down certain IT systems to help contain the problem and we implemented business continuity plans where appropriate to facilitate ongoing operations.”

“As a precautionary measure, we immediately shut down certain IT systems to help contain the problem and we implemented business continuity plans where appropriate to facilitate ongoing operations.”

– EMCOR statement

“We have retained a leading cybersecurity forensic firm to assist with an extensive review of the situation. Security, in all its forms, is a top priority at EMCOR, and we remain committed to protecting the integrity of our systems”

Fraudulent emails

 

According to UpGuard, a company that helps businesses manage cybersecurity risk, EMCOR's systems are currently: 

 

  • Susceptible to man-in-the-middle attacks
  • Emails can be fraudulently sent
  • DNS is susceptible to man-in-the-middle attacks

 

EMCOR suggest in their statement that any email contact from the company should be treated with caution:

“EMCOR Group and its companies do not reach out to individuals to help with marketing or other similar services; if an individual is contacted for services outside of EMCOR’s normal application process – it is probably fraudulent”

In terms of a notice to the group’s customers, the following advice has been provided: 

“EMCOR Group and its companies have not changed its payment procedures or bank accounts. Please continue to use the method of payment that you have historically used in order to pay us”.

Ransomware on Bouygues Construction’s network 

 

Bouygues Construction’s systems have also been experiencing ransomware problems since late January.

According to ZDNet, it is rumoured that the Maze ransomware group was behind the attack, with employee data such as names, home addresses, phone numbers, social insurance numbers, banking details, and drug test results. being published online.

“A ransomware-type virus was detected on Bouygues Construction’s computer network on 30 January. As a precautionary measure, information systems have been shut down to prevent any propagation."

–Bouygues Statement

The official statement from Bouygues reads:

“A ransomware-type virus was detected on Bouygues Construction’s computer network on 30 January. As a precautionary measure, information systems have been shut down to prevent any propagation.

“Our teams are currently fully focused on returning to normal as quickly as possible, with the support of experts. Installations are progressively being put back into service after being tested.

“Operational activity on our construction sites has not been disrupted to date."

Picture: EMCOR Group and Bouyges are the latest FM companies targeted by malicious software attacks. 

Article written by Ella Tansley – published 21st February 2020

Share



Related Articles

What Can The FM Sector Learn From The ISS Malware Attack?

After breaking the news of the ISS World malware crisis, ThisWeekinFM speaks to the industry experts, to identify how FM companies can better manage cybercrime...

 Read Full Article
ISS Update On The Impact Of Malware Crisis 

In an official company announcement, ISS World has today confirmed that they have regained control of “the vast majority” of their IT infrastructure. This...

 Read Full Article
Who Is The Weakest Link?

According to Sophos, 70% of internet users have the same password for almost all the web services they use - and there are groups of businesses and individuals who are...

 Read Full Article
Anatomy Of A Cyber Attack

The cyber attack on the global heavy manufacturing sites of Norsk Hydro saw the aluminium producer lose over £25.5 million in under a week. Here we detail three...

 Read Full Article
Global Ali Producer Shut Down By Cyber Hack

A major global aluminium producer with multiple sites, including furnaces, has been the victim of a major and malicious cybersecurity attack. A lack of ability to connect...

 Read Full Article
Hackers' Paradise - Easy Access...And Ransoms Paid

One report says on average, one third of business decision makers would pay hackers' ransom demands; while another - DNS Threat Report -  shows European...

 Read Full Article
Ransomware - the Protection Racket

ThisWeekinFM has been making a racket about Cyber Security because vulnerabilities are exploited at a personnel and personal level - where FM's should have some...

 Read Full Article
Interserve – The Latest

It was reported that in mid-May that Interserve was involved in a cyber attack, involving the theft of information on current and former Interserve...

 Read Full Article
ISS To Provide Soft Services At New Nightingale Hospital

The FM industry continues to step up to the challenge set by COVID-19, with ISS UK taking on the soft services contract at ExCeL exhibition centre. ISS will deliver...

 Read Full Article
ISS World Malware Attack

ISS, a leading provider of facility services, was the target of a malware attack, meaning all group websites are currently down. ISS employees, including 4,000 in the...

 Read Full Article