Bouygues Construction Unit Gradually Recovering After Ransomware Attack

Unconfirmed reports cite a hacking gang that also steals data from companies and governments

Nearly a week has passed since a ransomware attack against the construction unit of Paris-based Bouygues led the contracting giant to announce it had temporarily shut down or cut off some of its computer systems.

In a statement issued Feb. 5, the company said it had taken steps to return its information systems to normal use.

Company and outside technology teams are "continuing to restore the information system and gradually bring the functionalities back into service," Bouygues stated.

Bouygues's construction unit is one of the biggest entities in construction known to have suffered a ransomware attack. Companies often decline to make public such attacks.

The company is ranked at No.10 on ENR's list of the Top 250 Global Contractors, with about $32 billion in 2018 reported global revenue, about half in transportation work and half outside France.

The company has filed a complaint and is working with authorities to identify the source of the attack.

Insurance policies covering the damage or costs are being tapped, the company said. But Bouygues did not specify exactly what coverage was in place. "Ad hoc insurance policies have been activated," it stated.

The company initially disclosed the attack in a Jan. 31 tweet and posted a statement on its website saying it had shut down its information systems after detecting a ransomware type virus. Construction operations were unaffected, the company said.

Complex construction projects, with myriad data exchanges among software and systems of partners, subcontractors, regulators and suppliers are tempting targets for hackers.

The risks run the gamut from sabotage, destruction of hardware and equipment and stolen or locked data. Phishing, which are emails disguised to seem like they have another purpose and trick recipients into opening them, often provides the avenue for ransomware attacks.

Numerous tech and cybersecurity websites reported that the Bouygues ransomware attack was carried out by a hacker gang called Maze, which steals data and threatens to post it on a publicly viewable website, and locks up a victim's computer systems.

Maze reportedly struck a Canadian construction contractor before its attack on Bouygues. In December, the hackers had attacked the city of Pensacola, Fla.

Deputy Editor Richard Korman helps run ENR's business and legal news and investigations, selects ENR's commentary and oversees editorial content on ENR.com. In 2023 the American Society of Business Publication Editors awarded Richard the Stephen Barr Award, the highest honor for a single feature story or investigation, for his story on the aftermath of a terrible auto crash in Kentucky in 2019, and in 2015 the American Business Media awarded him the Timothy White Award for investigations of surety fraud and workplace bullying. A member of Investigative Reporters and Editors, Richard has been a fellow on drone safety with the McGraw Center for Business Journalism at the Craig Newmark Graduate School of Journalism at CUNY. Richard's freelance writing has appeared in the Seattle Times, the New York Times, Business Week and the websites of The Atlantic and Salon.com. He admires construction projects that finish on time and budget, compensate all team members fairly and record zero fatalities or serious injuries.

Post a comment to this article

Brought to you from ENR's 2024 Emerging Leaders Forum, this webinar hosts Dr. Burcin Kaplanoglu, an ENR contributor and LinkedIn Top Voice for technology & innovation, and four panelists as they talk about how artificial intelligence (AI) can change the construction industry.