One in six construction firms affected by cyber-crime

In 2015, 15 per cent of construction business premises were affected by online crime, according to new UK government statistics.

The Home Office’s latest commercial victimisation survey revealed that there were 77,000 incidents of online crime against construction premises last year, though only three per cent of cases were reported to the police.

Around 71 per cent of cases related to computer viruses, while 10 per cent involved hacking attacks. Government figures also revealed that an estimated 2,000 businesses suffered a theft of money online.

Possibly reflecting a belief that the authorities are unable to tackle the issue, just three per cent of incidents of online crime were reported to the police. Larger companies are spending significantly more on IT security according to the figures showing that the issue of cyber crime is a growing issue of concern for the industry.

Professional services firms could be especially vulnerable if they don’t have adequate safeguards in place. Indemnity insurers in the legal sector are already asking for firms’ plans for stopping cyber-criminals when they come to set premiums this year, according to one market expert.

QBE, which insures more than one in 10 law firms in England and Wales, said its latest data shows that around £85m has been stolen across the legal market in the past 18 months. 

The firm estimates 150 successful raids have been made on client accounts during that time, with at least 1,500 failed attempts. Only a small proportion of the stolen money, if any, is recovered.

Elina Lusted, a claims manager for QBE, said underwriters are now likely to ask searching questions about what exactly firms are doing to thwart cyber criminals. “The nature of how a business risk is assessed may be moving away from the typical focus on what business a law firm does but more to how they transact business including what security and IT systems they have in place.”

Lusted said law firms have increasingly become targets for fraudsters in the past 12 months, with criminals hacking into firms’ IT systems to steal monies passing between solicitors and their clients in conveyancing transactions.

According to Lusted, law firms should be looking at the way they transact business from start to finish, for example warning clients of the risks of fraud through their terms of business letter and/or retainer letter. Bank account details could be provided face-to-face and emails encrypted so that a password is required to view documents, she said.

With one in six construction firms now a victim of online crime, there is no room for complacency in the sector, especially with other professionals like lawyers increasingly being targeted by cyber criminals.

The 2016 commercial victimisation survey was carried out among 958 respondents from the construction sector including building, roofing, scaffolding, civil engineering, electrics and plumbing companies.

If you would like to contact Andy Walker about this, or any other story, please email