Athens, Ohio, Sues to Recover Nearly $722,000 After Cyber Attack
January 21, 2025 —
Jeff Yoders - Engineering News-RecordIn November, Athens, Ohio, officials sent nearly $722,000 to a bank account they believed was set up by its contractor, Pepper Construction, to receive payment for its work on a fire station headquarters. The request was actually a sophisticated cyber attack that took advantage of a construction payment system that often does not allow clients processing invoices to directly know those behind the email addresses making the requests.
Read the court decisionRead the full story...Reprinted courtesy of
Jeff Yoders, ENRMr. Yoders may be contacted at
yodersj@enr.com
Builders Beware: Smart Homes Under Attack by “Hide ‘N Seek” Botnet
October 30, 2018 —
Scott L. Satkin & Amtoj S. Randhawa - Newmeyer & Dillion LLPGerman manufacturer eQ-3 has found itself under siege by a botnet known as "Hide 'N Seek." This pernicious malware has infected tens of thousands of eQ-3's smart home devices by compromising the device's central control unit. Once a device has been infected, the malware spreads to other Internet of Things ("IoT") devices connected to the same wireless network. IoT devices have become the prime target for botnet attacks. As opposed to computers, laptops, or other larger computing devices, the smaller storage capacity and lower processing power of IoT devices limit the amount and complexity of the security measures that can be installed—making them an easier target for botnets.
What is a Botnet?
For those unfamiliar with the term, a botnet is a network of devices infected with a malware program allowing the infector to control and/or exploit the devices. Once a suitable number of devices are infected, the person or group controlling the botnet can harness the computing power of each infected device to perform activities which were previously constrained by a single device's capabilities (i.e. DDoS attacks, spamming, cryptocurrency mining, etc.).
Hide 'N Seek – History and Capabilities
The Hide 'N Seek botnet first appeared in January 2018 and has since spread rapidly. Its sophisticated design and capabilities have captivated the attention of many security watchdogs and researchers. While many botnets are designed to be "quick and dirty" (i.e. infect a few devices, eke out a little profit, and inevitably be cleared out or rendered ineffective by security updates and fixes), Hide 'N Seek was designed to maintain itself in the host's system indefinitely. When it was first released, Hide 'N Seek primarily targeted certain routers and internet-enabled security cameras; however, it has now began targeting digital video recorders, database servers, and most recently, smart home hubs.
Hide 'N Seek's communication capabilities are also more advanced than previous botnets. Previous botnets relied on existing communications protocols to communicate with other another, but Hide 'N Seek uses a custom-built peer-to-peer system to communicate. This advancement allows Hide 'N Seek to spread more rapidly than previous botnets.
Hide 'N Seek is also capable of extracting a device owner's personal information (i.e. name, address, e-mail, telephone numbers, etc.) whereas previous botnets were not. Most importantly, Hide 'N Seek is consistently updated to increase its infection rate, decrease its detection probability, and bypass any security measures designed to detect and remove it from the system. This modularity has proved to be Hide 'N Seek's greatest strength.
Protecting Against Hide 'N Seek and Other Botnets
While many of the precautions will undoubtedly come from the device manufactures vis-à-vis software programming and updates, homebuilders can still take some precautions to protect their customers.
- When selecting a smart home system to incorporate into a home's construction, be sure to evaluate its security features including, but not limited to its: wireless connectivity, password/passphrase requirements, interconnectedness with other IoT devices, etc. Third-party reviews from tech-oriented outlets will likely have useful information on a device's security measures, vulnerabilities, and any recent security compromises.
- Be vigilant in installing any eQ-3 smart home systems. The extent of the damage caused by Hide 'N Seek botnet remains unknown, as does damage from other potentially-infected technology. Thus, it may be prudent to avoid installing any eQ-3 device until it becomes evident that the threat has been neutralized and all security vulnerabilities have been remedied.
- If a builder uses technology other than eQ-3, precautions must be taken. Ensure that technology providers are thoroughly researched. It is also recommended to include strong contractual indemnity provisions, and require vendors to carry cyber-specific insurance policies.
- Homebuilders should consider purchasing their own stand alone cyber liability policies as a safety net, should potential exposure arise.
Scott Satkin and Amtoj Randhawa are associates in the Cybersecurity group of Newmeyer & Dillion. Focused on helping clients navigate the legal dispute implications of cybersecurity, they advise businesses on implementing and adopting proactive measures to prevent and neutralize cybersecurity threats. For questions on how they can help, contact Scott at scott.satkin@ndlf.com and Amtoj at amtoj.randhawa@ndlf.com.
Read the court decisionRead the full story...Reprinted courtesy of
Addressing Safety on the Construction Site
January 27, 2020 —
Christopher G. Hill - Construction Law MusingsFor this week’s Construction Law Musings Guest Post, we welcome a new face, Patrick Rafferty. Patrick (@ThePraff) is a consultant for Brahman Systems and has an interest in construction safety.
First of all, I’d like to say that I am not an attorney. Anything I say in this article should be taken with a grain of salt. All of the information that I have written in this article comes from personal work experience on the worksite.
Each year, construction sites around the nation see hundreds of thousands of injuries related to equipment operation and situations that could be avoidable with the right precautions in place. In 2011 alone, according to the Occupational Safety and Health Administration, there were 4,069 workers killed on a construction site, most of which were avoidable. Though some sort of on-site problems are unavoidable, they can be minimized with simple practices that every construction site should have in place, whether it is the building of a high-rise building or a simple house renovation.
Here are some of the most common issues that lead to injuries on the construction site:
Lack of training
Before anyone steps onto a construction site, they need to have a thorough understanding of not only what they will be doing, but also how to use the equipment involved in the building process. All operators of heavy machinery should have verifiable training on the machine or equipment they will operate. Most equipment dealers offer training as part of their customer service, such as usage manuals, videos and quizzes. Once these are complete, many will offer a certificate of completion at the end of the process. The larger and more complex the machine, the more time should be allotted for training.
Read the court decisionRead the full story...Reprinted courtesy of
The Law Office of Christopher G. HillMr. Hill may be contacted at
chrisghill@constructionlawva.com
Denver’s Mayor Addresses Housing and Modifying Construction Defect Law
July 16, 2014 —
Beverley BevenFlorez-CDJ STAFFDuring his State of the City Address, Mayor Michael Hancock discussed housing, specifically calling “on the state legislature to modify a construction defects law,” according to KWGN news.
“…it is my sincere hope that the 2015 State Legislature will recognize the chilling effect the construction defects law has on the for sale condo market,” Hancock stated, as reported in The Denver Post. “I encourage lawmakers to modify the law so that we can experience the full potential of housing in metro Denver.”
Hancock also claimed that though the population has increased, the “housing stock has not kept pace,” according to KWGN. “This gap is exacerbated by rising home prices, which are good news for homeowners and our local economy, but a challenge for many residents and families.”
Read the full story, KWGN...
Read the full story, Denver Post... Read the court decisionRead the full story...Reprinted courtesy of
Construction Termination Issues for the Architect and Engineer: Part 1– Introduction to the Series
July 24, 2023 —
Melissa Dewey Brumback - Construction Law in North CarolinaEarlier this year, I was asked to talk to other construction lawyers on the topic of termination. My first question was– whose termination are we talking about here– the architect / engineer? The contractor? Is someone wanting to “fire” the owner? The answer, as it turns out, is — yes. That is, yes, any and all of the above termination topics were on the table.
As you may have suspected, even the threat of a termination is bad, bad news. It is the “nuclear option” for a construction project. Everyone risks getting harmed. As the design professional administering a contract, you run a risk of being dragged into litigation no matter what you do. So, how should you proceed? Carefully.
Read the court decisionRead the full story...Reprinted courtesy of
Melissa Dewey Brumback, Ragsdale LiggettMs. Brumback may be contacted at
mbrumback@rl-law.com
Proving & Defending Lost Profit Damages
June 09, 2016 —
David Adelstein – Florida Construction Legal UpdatesI have written numerous articles regarding the challenge in proving
lost profit damages. Yes,
lost profits are a form of damages in business disputes, but they are a form of damages that are subject to a certain degree of
conjecture and speculation. For this reason,
lost profit evidence is oftentimes precluded from being presented at trial or lost profit damages are reversed on appeal. This is why it is imperative to ensure i’s are dotted and t’s are crossed when it comes to proving lost profit damages. It is also imperative, when defending a lost profit claim, to put on evidence and establish the speculative nature of the lost profit damages.
Read the court decisionRead the full story...Reprinted courtesy of
David M. Adelstein, Kirwin NorrisMr. Adelstein may be contacted at
dma@kirwinnorris.com
Are We Having Fun Yet? Construction In a Post-COVID World (Law Note)
June 20, 2022 —
Melissa Dewey Brumback - Construction Law in North CarolinaRemember how I said to never assume? Yeah, about that…… even when you plan for failures, mistakes, and other problems, sometimes things get so outside the realm of what you considered that it can leave your construction project spinning. Take, as a random example, a world-wide pandemic that shuts down supply chains, shuts down job sites, and limits the labor pool. Just as an example.
What does construction law say about pandemics? They fall under an “Act of God” that you may have read about in your contracts, or in the contracts of the contractors working your projects. An “Act of God” is an event that is not foreseeable, and as such not something the parties could have anticipated when they drafted the contract. Acts of God generally excuse a party’s failure– for example, a contractor’s failure to complete the project on time can be excused when an “act of God” has occurred.
By now, you’ve dealt with the practical fall out, one way or another. Many projects no longer made financial sense for your clients. Others may have been modified, reduced in scope, or had substitute materials put in place.
Read the court decisionRead the full story...Reprinted courtesy of
Melissa Dewey Brumback, Ragsdale LiggettMs. Brumback may be contacted at
mbrumback@rl-law.com
The Burden of Betterment
February 23, 2017 —
Ryan M. Charlson, Esq. - Florida Construction Law NewsThe concept of betterment has long been used by defendants in cases involving defective design or construction to limit the damages awarded to a plaintiff.[1] The theory behind betterment is that: “if in [the] course of making repairs [an] owner adopts a more expensive design, recovery should be limited to what would have been the reasonable cost of repair according to original design.”[2] Betterment is often raised as an affirmative defense, requiring a defendant to prove that the plaintiff has received a good or service that is superior to that for which the plaintiff originally contracted. A recent South Florida case seems, at first blush, to suggest the burden of establishing the value of betterments may fall to the plaintiff, although a closer reading indicates the decision is likely to have limited applicability.
In Magnum Construction Management Corp. v. The City of Miami Beach, the Third District Court of Appeal was asked to review the damages award to the City for construction defects associated with the redesign and improvement of a park.[3] The completed project contained landscaping deficiencies, along with other “minor defects” in the playground’s construction.[4] After a unilateral audit, and without providing the contractor its contractually required opportunity to cure the defects, the City “removed, redesigned, and replaced the playground in its entirety.”[5] It did so despite no recommendation by the City’s own expert to perform such work.[6] During the bench trial, the “only measure of damages provided by the City was the costs associated with the planning, permitting, and construction of a park that is fundamentally different from the one it contracted with [the contractor] to build.”[7]
Read the court decisionRead the full story...Reprinted courtesy of
Ryan M. Charlson, Cole, Scott & Kissane, P.A.Mr. Charlson may be contacted at
ryan.charlson@csklegal.com
