Be Proactive Now: Commercial Construction Quickly Joining List of Industries Vulnerable to Cyber Attacks
June 15, 2017 —
Jeffrey M. Dennis & Nathan Owens – Newmeyer & Dillion LLPCommercial contractors have long faced their own unique business risks - labor and material shortages, delay claims, bonding issues, and defects in workmanship. But, in today's ever-evolving cyber world, it is imperative that contractors understand they are vulnerable to risks beyond finishing a project on time and on budget. As we are seeing more and more each day, cyber threats impact all businesses, including the construction industry, and the failure to protect against these threats will cost your company millions in damages and reputational harm.
UNDERSTANDING CYBER THREATS
Traditionally, cyber threats are thought of as the theft of employee and customer information over the internet. Given the construction industry is the largest employer in the world, the need to protect this information is obvious. The release or loss of personnel or consumer data could lead to extensive liability under a variety of potential claims, including statutory fines. In addition to securing confidential information, companies have to protect against outside agents accessing control of a company’s security protocols, equipment or encrypting files using malicious software. The recent “WannaCry” attack demonstrates that no business is immune from cyber attacks.
EXAMPLES OF RELATED BREACHES
For those that think these scenarios do not happen, here are two examples of these types of breaches:
* In May 2013, Chinese hackers stole floor plans, server information, and security system designs from an Australian prime contractor. Fearing the risks of compromised physical and network security, the contractor incurred additional costs of $132.6 million in project delays and costs to rework the various components that had been stolen.
* Then, in December 2014, a German governmental office reported that a steel mill suffered massive damage when malware prevented a blast furnace from being properly shut down. Hackers gained access to key technology within the company, which eventually allowed them to control the production line.
THE NEW WORLD OF THE IoT
In addition to these types of “traditional” hacking threats, cybersecurity risks continue to evolve and become more complicated every day. Some of these new threats are driven by the development of a phenomenon known as the Internet of things, or IoT. The IoT is most basically defined as the interconnection of devices with on / off switches to the Internet and each other. Since the IoT is estimated to be 20 billion or more devices within 3 years, and can be combined with malicious software, IoT poses one of the most challenging risks for contractors to protect against.
The technology included in today's commercial buildings clearly opens this avenue of risk. A centralized computer control center, typically employed in new buildings, controls and maintains the systems that are vital to the operation of the building, e.g., power, elevators, HVAC, lighting, and security. What happens if a hacker gains control to one of these systems, let alone all of them? What if a hacker simply utilizes an IoT attack to overwhelm a building’s computer systems? In either scenario, at a minimum, significant disruption would occur. Worse, the health and safety of those within the building could be jeopardized. A hacker may utilize ransomware in combination with an IoT attack to take over control of the building and hold it and possibly the occupants “hostage” until a ransom is paid.
The first significant IoT attack happened in October 2016 when a major web hosting company was attacked through the IoT, causing the host site to crash. The attack did not steal information, it simply caused the site to crash. But, that crash caused world-wide disruption across the Internet.
Hackers used malicious software to access a hundred thousand common household devices — web cameras, fitness trackers, DVR’s, smart TVs and even baby monitors — to flood the hosting company’s servers with incredibly high internet traffic. This attack showed that everyday items can be hacked and controlled by cyber criminals and then used against anyone else.
As we have all seen in recent news, the WannaCry cyber attack impacted businesses across the globe. Days after the attacks, hospitals were still left feeling its impact with continued appointment and planned operation cancellations, and delays in service. We should expect to see these types of attacks increasing in frequency.
PAY ATTENTION OR FACE THE CONSEQUENCES
Make no mistake about it, the stakes are incredibly high in the realm of cyber security protection. By 2021, the annual worldwide cost attributable to cyber attacks is estimated to reach the trillions of dollars. If any of these potential attacks occur, a contractor faces significant exposure, in many forms, including:
* Monetary. Cybersecurity events result in direct monetary losses in the form of notification costs, data recovery costs, and, of course, legal and public relations fees. States are also starting to impose strict standards on companies which will result in significant regulatory punishment in the cases of cyber breaches, including the added costs associated with agency investigations, regulatory fines and consumer redress funds.
* Reputation. Perhaps more important than the monetary risk, a contractor may incur substantial reputational harm if such a breach or attack is successful. Recent data has shown that small to medium-sized companies that experience a significant cybersecurity breach go out of business within six months of the breach – due to not only high monetary costs, but severe reputational damage.
* Criminal. The recently passed New York cybersecurity regulations place potential criminal penalties on compliance personnel. Other states are likely to follow New York.
As a business leader and commercial builder, the time to act is now. While the purchase of specific cyber insurance is an important part of protecting against the risks of a cyber attack, many cyber policies contain exclusionary language embedded in the policy making coverage potentially illusory. Additional steps can and need to be taken immediately, including an honest discussion of internal cybersecurity protections, examination of risk management strategy, and the training of employees. Failure to take these important steps could result in a disastrous cybersecurity breach and the loss of millions of dollars.
Jeffrey M. Dennis currently serves as Newmeyer and Dillion’s Managing Partner and, as a business leader, advises his clients on cybersecurity related issues, introducing contractual and insurance opportunities to lessen their risk. You can reach Jeff at jeff.dennis@ndlf.com.
J. Nathan Owens is the Managing Partner for Newmeyer & Dillion’s Las Vegas office. With more than 10 years in the construction industry as a former contractor himself, Nathan understands the complex issues builders and developers face in all aspects of development and construction. You can reach Nathan at nathan.owens@ndlf.com.
About Newmeyer & Dillion
For more than 30 years, Newmeyer & Dillion has delivered creative and outstanding legal solutions and trial results for a wide array of clients. With over 70 attorneys practicing in all aspects of business, employment, real estate, construction and insurance law, Newmeyer & Dillion delivers legal services tailored to meet each client’s needs. Headquartered in Newport Beach, California, with offices in Walnut Creek, California and Las Vegas, Nevada, Newmeyer & Dillion attorneys are recognized by The Best Lawyers in America©, and Super Lawyers as top tier and some of the best lawyers in California, and have been given Martindale-Hubbell Peer Review's AV Preeminent® highest rating. For additional information, call 949-854-7000 or visit http://www.newmeyeranddillion.com/.
Read the court decisionRead the full story...Reprinted courtesy of
Big League Dreams a Nightmare for Town
April 03, 2013 —
CDJ STAFFThe town of Gilbert, Arizona had their own big dreams for Big League Dreams Gilbert, which the town was convinced would bring in financial benefits. Now the amateur sports complex is plagued by defects and failing infrastructure. The town was wondering how to create sufficient recreation facilities when Big League Dreams made a proposal that would bring tax revenue from a new stadium complex.
Ten years later, Gilbert says it’s not getting enough of the revenue from the parks. The proposal, created by Big League Dreams, estimated an economic benefit of $40 million over 30 years with a construction cost of $22.7 million. Instead, construction ran to $42.7 million and over the last two years the town has received only $250,570.
Then there are the construction defects. The structure was warranteed for only one year. That warrantee long over, the complex has problems with various concrete surfaces and has generated injury claims. The town did not inspect the park after Big League Dreams started operating it. They later found out that some parts did not conform to code, with 39 problem areas referenced in a report. Some of these included safety issues like missing handrails.
Read the court decisionRead the full story...Reprinted courtesy of
Chinese Lead $92 Billion of U.S. Home Sales to Foreigners
July 09, 2014 —
John Gittelsohn – BloombergForeigners purchased $92.2 billion of U.S. homes in the 12 months through March, led by buyers from China, according to the National Association of Realtors.
Spending by Chinese buyers soared 72 percent from a year earlier to $22 billion, with their purchases accounting for 24 percent of spending by international buyers, the trade association said today from Washington. Total investments by foreigners jumped 35 percent.
Chinese buyers acquired 16 percent of houses sold to foreigners, up 4 percentage points, spurred by currency appreciation, rising affluence and concerns about an economic slowdown in the world’s most-populous country, the group said.
Read the court decisionRead the full story...Reprinted courtesy of
John Gittelsohn, BloombergMr. Gittelsohn may be contacted at
johngitt@bloomberg.net
California Court Holds No Coverage Under Pollution Policy for Structural Improvements
October 02, 2018 —
Brian Margolies - TLSS Insurance Law BlogIn its recent decision in Essex Walnut Owner L.P. v. Aspen Specialty Ins. Co., 2018 U.S. Dist. LEXIS 138276 (N.D. Cal. Aug. 15, 2018), the United States District Court for the Northern District of California had occasion to consider the issue of a pollution liability insurer’s obligation to pay for the redesign of a structural support system necessitated by the alleged presence of soil contamination.
Aspen’s insured, Essex, owned a parcel of property it was in the process of redeveloping for commercial and residential purposes. The project required excavation activities in order to construct an underground parking lot, and as part of this process, Essex designed a temporary shoring system comprising tied-in retaining walls in order to stabilize the area outside of the excavation. During the excavation work, construction debris was encountered requiring removal. Aspen agreed to pay for a portion of the costs to remove and dispose the debris under the pollution liability policy it issued to Essex.
Read the court decisionRead the full story...Reprinted courtesy of
Brian Margolies, Traub Lieberman Straus & Shrewsberry LLPMr. Margolies may be contacted at
bmargolies@tlsslaw.com
Mitigation, Restructuring and Bankruptcy: Small Business Tools in the Era of COVID-19
June 08, 2020 —
Hannah Kreuser - Porter Law GroupThe impact of the COVID-19 pandemic has been sudden and severe. Worldwide, populations are dealing with a public health crisis, which has abruptly impacted the economy. As cases continue to increase across the United States, both the federal government and state governments, including California, are directing people to “shelter in place” and “socially distance” from each other in an attempt to curb the spread of the virus. These orders have generally shut down daily life except for “essential” businesses. As a direct result, the economy has come to an abrupt halt and many businesses have been forced to close or significantly reduce their operations.
Concern for this economic impact is, in part, due to the speed and severity with which it has affected so many industries. With the current economic conditions, there is much speculation that bankruptcy filings, among not only individuals, but small businesses, will see a sudden increase in the coming months. Experts agree that filings will increase, the only question is when.
Because of COVID-19’s economic impact, it is important that businesses make an assessment now, regarding their needs, assets, and liabilities, so they can best prepare to survive COVID-19, or to take proactive steps in preparing to enter bankruptcy or wind down. In making this assessment, one of the questions to ask is whether the business can survive with quick financing, to help bridge the gap between the current operating conditions and their return to normal.
Read the court decisionRead the full story...Reprinted courtesy of
Hannah Kreuser, Porter Law GroupMs. Kreuser may be contacted at
hkreuser@porterlaw.com
Trump Signs $2-Trillion Stimulus Bill for COVID-19 Emergency
April 06, 2020 —
Tom Ichniowski - Engineering News-RecordPresident Donald Trump has signed the massive measure approved by Congress aimed at helping laid-off workers, financially strapped companies and a stressed health care system as a result of the coronavirus outbreak.
Final congressional action came on March 27, when the House passed the bill by voice vote. President Trump signed it a short time later.
Tom Ichniowski, Engineering News-Record
Mr. Ichniowski may be contacted at ichniowskit@enr.com
Read the full story... Read the court decisionRead the full story...Reprinted courtesy of
Following Mishaps, D.C. Metro Presses on With Repairs
February 23, 2017 —
Jim Parsons - Engineering News-RecordAn aggressive effort to overhaul the aging Metro system in Washington, D.C., is producing results as it nears the one-year mark, with more than 28,000 cross-ties and nearly two miles of grout pads now replaced.
Read the court decisionRead the full story...Reprinted courtesy of
Jim Parsons, ENRENR may be contacted at
ENR.com@bnpmedia.com
Quick Note: Lis Pendens Bond When Lis Pendens Not Founded On Recorded Instrument Or Statute
May 20, 2019 —
David Adelstein - Florida Construction Legal UpdatesIf a lis pendens is recorded and the lis pendens is NOT founded on a duly recorded instrument (e.g., mortgage) or a statute (e.g., construction lien), a lis pendens bond should be recorded. The lis pendens bond should cover prospective damages associated with the wrongful / unjustified recording of a lis pendens that were suffered by the property owner. The reason being is that the lis pendens has an effect on the title to the property as long as the lis pendens is recorded. Damages could stem from a decline in the market value of the property, continued upkeep and maintenance of the property, and there may also be (and, really, should be) consideration for loss of investment return associated with the equity in that property.
Read the court decisionRead the full story...Reprinted courtesy of
David Adelstein, Kirwin Norris, P.A.Mr. Adelstein may be contacted at
dma@kirwinnorris.com
