Don’t Get Hacked, Get a Better Password!

By Cass Jacoby, RCS Reporter.  

Hackers are targeting the construction industry’s cybersecurity because of our notorious bad password hygiene. Read on to learn why it’s time to step up the protection of your companies' data.  

When you spend most of your time outside for your job, it can be hard to think about what is happening online. However, it is this exact disconnect between the field and the office that can create lapses for hackers to exploit. Increasingly, hackers are targeting vulnerable construction companies, knowing that they are unprepared for an attack.  

NRCA reports that behind economic uncertainty cyber risk is the second-highest concern amongst businesses from security breaches to unauthorized access to financial systems. So why is it that the construction industry isn’t stepping up their cyber security?  

ForConstructionPros reports that the problem lies in passwords that are non-secure. The easiest way that hackers can get into your accounts and breach data is through passwords.   

Research from NordPass reveals that construction and manufacturing industry employees in particular use weak passwords, making it easy for hackers to access accounts. These bad personal password habits can transfer back to the business as weak passwords are one of the top causes of data breaches.  

“Businesses and their employees have a duty to protect their customers’ data. A weak password of one employee could potentially jeopardize the whole company if an attacker used the breached password to gain access to sensitive data,” says security expert at NordPass Chad Hammond. 

Nordpass reports that the top 10 passwords used in the construction and manufacturing sector are: 

1. Company name* 

2. password 

3. aaron431 

4. 123456 

5. Company name eu* 

6. 123ccp 

7. pass1 

8. company name* 

9. Company name* 

10. Company name* 

*This password is a company name or a variation of it (e.g. Company name2002). We are not naming the exact company. 

Simple passwords like these can have huge ramifications when it comes to cyber security. Consider a case back in December of 2020 when SolarWinds suffered from a big data breach, reportedly due to protecting one of their servers with the password “solarwinds123.” 

According to a new report by Beyond Identity, 41.7% of employees admitted to having shared workplace passwords and more than one in five employees said they used the same password for their personal bank accounts as they did for work-related accounts. 

How do you create better passwords?  

• Nordpass recommends trying to create complex and unique passwords and update them regularly.  

• Talk to your employees and educate them on password hygiene.  

• Companies should use multi-factor authentication for an added layer of security.  

• Use a password manager, a software application that stores and manages online credentials instead of writing down or sharing passwords.  

Conclusion 

With so many contractors sharing vital information with subcontractors and owners, it is vital that all parties can have their data and information kept safe. Protect your company from hackers by creating a strong password and a culture of good password hygiene in the office. 

Stay up to date with the latest roofing industry news when you sign up for the RCS Week in Roofing e-news.