Accountancy Software Cyberattack hits US Construction Firms

Plumbing, HVAC, concrete and other subcontractors have been impacted by cyberattacks.
Hackers target accounting software used by 43,000 US construction professionals, including plumbing, heating, ventilation and air conditioning (HVAC) and concrete subcontractors

Cyberattacks have struck the US construction industry, targeting a widely-used accounting software solution. The attacks exploit vulnerabilities in older versions of Foundation Software, a product serving 43,000 construction professionals across the country.

Huntress, a US cybersecurity firm, uncovered what it terms an "emerging threat" affecting users of Foundation Software. The company monitors over 3 million endpoints for its clients, identifying approximately 500 hosts running the Foundation software.

Huntress reports that plumbing, heating, ventilation and air conditioning (HVAC), concrete and other subcontractors have been impacted by the cyberattacks. These businesses form a crucial part of the construction supply chain, providing specialised services to larger contractors and developers.

The cybersecurity firm describes the hack as a "brute force" attack. This method involves perpetrators using an automated trial-and-error engine to guess credentials or other sensitive information.

John Hammond, Principal Security Researcher at Huntress, says: "The affected companies were using default credentials at the time of the intrusion. These are usernames and passwords that come with the software on purchase and are supposed to be changed on installation."


Construction cyberattack reveals major vulnerability

The use of default passwords is a significant cybersecurity issue, according to the US Cybersecurity and Infrastructure Agency. The agency has been urging organisations to reset these passwords to protect against potential breaches.

Huntress says it has seen more than 35,000 brute force login attempts on a single impacted host. The company confirms that a sample of 33 hosts were publicly exposed with unchanged default credentials.

Foundation Software says affected users are those using legacy software physically installed on premises, rather than via Foundation's hosted environment. The company is urging impacted firms to adopt hosted software instead of on-premise installations. 

To protect against the threat, Huntress advises contractors using Foundation Software to change their credentials, including passwords. 

Hammond adds: "Even though the intrusions occurred, there was no compromise or malicious activity on those computers. However, the potential for harm remains if the vulnerability is not addressed."
-------
Construction Digital is a BizClik brand
