Redgwick Construction Targeted by Lockbit2 Ransomware Group

Redgwick Construction, a prominent entity in the construction industry, recently fell victim to the Lockbit2 ransomware group. This incident was disclosed on the group's dark web leak site, highlighting the ongoing cybersecurity threats facing the construction sector.

Company Background

Established in 1947, Redgwick Construction is a bonded and State of California licensed "A" General Engineering contractor. The company's portfolio encompasses a wide array of services such as underground work, grading, roadway widening, city street reconstruction, asphalt paving, base failure repair, pavement sealing, among others. Additionally, Redgwick Construction is recognized as a certified Pattern Paving applicator.

The official website of Redgwick Construction offers detailed information on their offerings, including wall tie patress plates, joist straps, wall ties, tie rods, and turnbuckles designed for stabilizing unstable structures. The site also features a quote request page and a contact section for further inquiries.

Rise in Ransomware Attacks within the Construction Sector

The construction industry has witnessed a significant uptick in ransomware attacks, with a notable surge recorded from January 2022 to January 2023. Factors contributing to this vulnerability include the reliance on outdated systems and a general lack of comprehensive cybersecurity defenses. These weaknesses render entities like Redgwick Construction prime targets for cybercriminal activities.

Ransomware attacks are characterized by the deployment of malicious software that encrypts data, rendering it inaccessible. Attackers then demand a ransom for data decryption or to prevent the public release of the stolen information. Such incidents can inflict considerable financial and operational setbacks on affected companies. The construction industry's growing reliance on technology, coupled with the potential targeting of software supply chains and managed service providers, exacerbates its exposure to these threats.

As of this writing, Redgwick Construction has not publicly disclosed any decision to comply with the ransom demands. The company has also not issued any statements regarding the breach, leaving questions about their engagement with law enforcement or cybersecurity professionals to address the situation.

Recommendations for Enhanced Cybersecurity Measures

The escalating threat landscape necessitates that companies in the construction sector, including Redgwick Construction, adopt stringent cybersecurity practices. Essential measures include the timely application of software updates and patches, extensive employee cybersecurity training, cautious handling of email attachments, and the deployment of preventive software solutions. Additionally, maintaining backups of critical data on separate devices can significantly mitigate the impact of ransomware attacks.

Sources

• "Understanding Ransomware and Strategies for Prevention and Response" - Cybersecurity and Infrastructure Security Agency (CISA), https://www.cisa.gov/ransomware
• "Ransomware in the Construction Industry: Risks and Precautions" - Construction Executive, https://www.constructionexec.com/article/ransomware-in-the-construction-industry-risks-and-precautions