Bouygues Construction Unit Gradually Recovering After Ransomware Attack
Unconfirmed reports cite a hacking gang that also steals data from companies and governments
Nearly a week has passed since a ransomware attack against the construction unit of Paris-based Bouygues led the contracting giant to announce it had temporarily shut down or cut off some of its computer systems.
In a statement issued Feb. 5, the company said it had taken steps to return its information systems to normal use.
Company and outside technology teams are "continuing to restore the information system and gradually bring the functionalities back into service," Bouygues stated.
Bouygues's construction unit is one of the biggest entities in construction known to have suffered a ransomware attack. Companies often decline to make public such attacks.
The company is ranked at No.10 on ENR's list of the Top 250 Global Contractors, with about $32 billion in 2018 reported global revenue, about half in transportation work and half outside France.
The company has filed a complaint and is working with authorities to identify the source of the attack.
Insurance policies covering the damage or costs are being tapped, the company said. But Bouygues did not specify exactly what coverage was in place. "Ad hoc insurance policies have been activated," it stated.
The company initially disclosed the attack in a Jan. 31 tweet and posted a statement on its website saying it had shut down its information systems after detecting a ransomware type virus. Construction operations were unaffected, the company said.
Complex construction projects, with myriad data exchanges among software and systems of partners, subcontractors, regulators and suppliers are tempting targets for hackers.
The risks run the gamut from sabotage, destruction of hardware and equipment and stolen or locked data. Phishing, which are emails disguised to seem like they have another purpose and trick recipients into opening them, often provides the avenue for ransomware attacks.
Numerous tech and cybersecurity websites reported that the Bouygues ransomware attack was carried out by a hacker gang called Maze, which steals data and threatens to post it on a publicly viewable website, and locks up a victim's computer systems.
Maze reportedly struck a Canadian construction contractor before its attack on Bouygues. In December, the hackers had attacked the city of Pensacola, Fla.