lockbit2 attacks Built It

Incident Date:

June 20, 2022

World map



lockbit2 attacks Built It


Built It




Plaistow, USA

New Hampshire, USA

First Reported

June 20, 2022

Ransomware Attack on Build-It Construction

Company Overview

Build-It Construction, a company specializing in commercial construction projects, has reportedly been targeted by the ransomware group Lockbit2. The attack was announced on the group's dark web leak site, indicating that the company's website, http://www.builditinc.com/, was compromised.

Build-It Construction offers services ranging from pre-construction to construction management, ensuring that commercial construction projects are executed smoothly. The company's website provides information about their services, including home remodeling and updates on their projects.

Company Size and Industry Standout

As a significant player in the construction industry, Build-It Construction faces considerable cybersecurity risks. The construction sector has experienced an uptick in cyberattacks, with ransomware being a predominant threat. Companies within this industry are often targeted due to their substantial data holdings and generally low levels of cybersecurity awareness and preparedness.


The construction sector's susceptibility to ransomware attacks can be attributed to several factors:

  • Lack of Cybersecurity Awareness: Many construction companies do not fully comprehend the risks associated with ransomware and lack comprehensive cybersecurity defenses.
  • Outdated Systems: The use of older systems and software, which often miss critical security updates and patches, increases vulnerability to ransomware attacks.
  • Phishing Attacks: Ransomware is frequently disseminated through phishing emails, which deceive employees into engaging with malicious links or downloading infected files.
  • Remote Access: Ransomware attackers commonly target Remote Desktop Protocol (RDP) to gain access to a company's systems and data.

Mitigation Strategies

To reduce the risk of ransomware attacks, construction companies should implement the following strategies:

  • Education and Training: Regular cybersecurity training can equip employees with the knowledge to identify and avoid phishing emails and other social engineering attacks.
  • System Updates: Keeping all systems and software updated with the latest security patches is crucial.
  • Backup and Recovery: A comprehensive backup and recovery strategy is essential to minimize the impact of a ransomware attack.
  • Access Control: Strong access control measures, including multi-factor authentication and role-based access control, can significantly limit the damage from a ransomware attack.


  • Ransomware: Recent advances, analysis, challenges and future research directions - PMC
  • The Most Common Ransomware Attack Scenarios - MSP360

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.