Attackers target UK construction firms involved in the Coronavirus response. The two leading companies which have been involved in building emergency coronavirus hospitals have been hit by cyber-attacks.
Interserve, which has recently been contracted by the UK Government to help build the COVID-19 hospitals has announced a breach. The attack involved the criminal gaining access to a HR database and obtaining the details of up to 100,000 people. The information stolen in the breach could have included sensitive data, including names, addresses, bank details, payroll data, next of kin information, HR records, dates of absences and pension information.
“Interserve is working closely with the National Cyber Security Centre (NCSC) and Strategic Incident Response teams to investigate, contain and remedy the situation. This will take some time and some operational services may be affected.”
This follows a similar breach against the UK based company, BAM Construct UK. As a result of this cyber attack, the company has had to shut down some of its computer systems. BAM Construct has confirmed it has been the subject of a “significant cyberattack”. In a statement, BAM Construct said:
“We have stood up extremely well to a significant cyber-attack on our business, which forms part of the wave of attacks on public and private organizations supporting the national effort on Covid-19. Supplier and employee payments are being made and so it is, for our clients, subcontractors and our teams, pretty much business as usual. Our IT teams have closed access to a number of systems, including our website, as a precaution and we have alternative arrangements in place when necessary to ensure business continuity.”
Towards the start of May, the UK Government published an announcement informing healthcare companies that attacks like these would be on the rise. The attacks were not linked, but both companies have reported the incident to authorities including the National Cyber Security Centre.
Our advanced platform at Aberdeen Cyber Security stops the attack before it happens. If you are concerned about this, please seek professional IT consultancy.