Be Proactive Now: Commercial Construction Quickly Joining List of Industries Vulnerable to Cyber Attacks
June 15, 2017 —
Jeffrey M. Dennis & Nathan Owens – Newmeyer & Dillion LLPCommercial contractors have long faced their own unique business risks - labor and material shortages, delay claims, bonding issues, and defects in workmanship. But, in today's ever-evolving cyber world, it is imperative that contractors understand they are vulnerable to risks beyond finishing a project on time and on budget. As we are seeing more and more each day, cyber threats impact all businesses, including the construction industry, and the failure to protect against these threats will cost your company millions in damages and reputational harm.
UNDERSTANDING CYBER THREATS
Traditionally, cyber threats are thought of as the theft of employee and customer information over the internet. Given the construction industry is the largest employer in the world, the need to protect this information is obvious. The release or loss of personnel or consumer data could lead to extensive liability under a variety of potential claims, including statutory fines. In addition to securing confidential information, companies have to protect against outside agents accessing control of a company’s security protocols, equipment or encrypting files using malicious software. The recent “WannaCry” attack demonstrates that no business is immune from cyber attacks.
EXAMPLES OF RELATED BREACHES
For those that think these scenarios do not happen, here are two examples of these types of breaches:
* In May 2013, Chinese hackers stole floor plans, server information, and security system designs from an Australian prime contractor. Fearing the risks of compromised physical and network security, the contractor incurred additional costs of $132.6 million in project delays and costs to rework the various components that had been stolen.
* Then, in December 2014, a German governmental office reported that a steel mill suffered massive damage when malware prevented a blast furnace from being properly shut down. Hackers gained access to key technology within the company, which eventually allowed them to control the production line.
THE NEW WORLD OF THE IoT
In addition to these types of “traditional” hacking threats, cybersecurity risks continue to evolve and become more complicated every day. Some of these new threats are driven by the development of a phenomenon known as the Internet of things, or IoT. The IoT is most basically defined as the interconnection of devices with on / off switches to the Internet and each other. Since the IoT is estimated to be 20 billion or more devices within 3 years, and can be combined with malicious software, IoT poses one of the most challenging risks for contractors to protect against.
The technology included in today's commercial buildings clearly opens this avenue of risk. A centralized computer control center, typically employed in new buildings, controls and maintains the systems that are vital to the operation of the building, e.g., power, elevators, HVAC, lighting, and security. What happens if a hacker gains control to one of these systems, let alone all of them? What if a hacker simply utilizes an IoT attack to overwhelm a building’s computer systems? In either scenario, at a minimum, significant disruption would occur. Worse, the health and safety of those within the building could be jeopardized. A hacker may utilize ransomware in combination with an IoT attack to take over control of the building and hold it and possibly the occupants “hostage” until a ransom is paid.
The first significant IoT attack happened in October 2016 when a major web hosting company was attacked through the IoT, causing the host site to crash. The attack did not steal information, it simply caused the site to crash. But, that crash caused world-wide disruption across the Internet.
Hackers used malicious software to access a hundred thousand common household devices — web cameras, fitness trackers, DVR’s, smart TVs and even baby monitors — to flood the hosting company’s servers with incredibly high internet traffic. This attack showed that everyday items can be hacked and controlled by cyber criminals and then used against anyone else.
As we have all seen in recent news, the WannaCry cyber attack impacted businesses across the globe. Days after the attacks, hospitals were still left feeling its impact with continued appointment and planned operation cancellations, and delays in service. We should expect to see these types of attacks increasing in frequency.
PAY ATTENTION OR FACE THE CONSEQUENCES
Make no mistake about it, the stakes are incredibly high in the realm of cyber security protection. By 2021, the annual worldwide cost attributable to cyber attacks is estimated to reach the trillions of dollars. If any of these potential attacks occur, a contractor faces significant exposure, in many forms, including:
* Monetary. Cybersecurity events result in direct monetary losses in the form of notification costs, data recovery costs, and, of course, legal and public relations fees. States are also starting to impose strict standards on companies which will result in significant regulatory punishment in the cases of cyber breaches, including the added costs associated with agency investigations, regulatory fines and consumer redress funds.
* Reputation. Perhaps more important than the monetary risk, a contractor may incur substantial reputational harm if such a breach or attack is successful. Recent data has shown that small to medium-sized companies that experience a significant cybersecurity breach go out of business within six months of the breach – due to not only high monetary costs, but severe reputational damage.
* Criminal. The recently passed New York cybersecurity regulations place potential criminal penalties on compliance personnel. Other states are likely to follow New York.
As a business leader and commercial builder, the time to act is now. While the purchase of specific cyber insurance is an important part of protecting against the risks of a cyber attack, many cyber policies contain exclusionary language embedded in the policy making coverage potentially illusory. Additional steps can and need to be taken immediately, including an honest discussion of internal cybersecurity protections, examination of risk management strategy, and the training of employees. Failure to take these important steps could result in a disastrous cybersecurity breach and the loss of millions of dollars.
Jeffrey M. Dennis currently serves as Newmeyer and Dillion’s Managing Partner and, as a business leader, advises his clients on cybersecurity related issues, introducing contractual and insurance opportunities to lessen their risk. You can reach Jeff at jeff.dennis@ndlf.com.
J. Nathan Owens is the Managing Partner for Newmeyer & Dillion’s Las Vegas office. With more than 10 years in the construction industry as a former contractor himself, Nathan understands the complex issues builders and developers face in all aspects of development and construction. You can reach Nathan at nathan.owens@ndlf.com.
About Newmeyer & Dillion
For more than 30 years, Newmeyer & Dillion has delivered creative and outstanding legal solutions and trial results for a wide array of clients. With over 70 attorneys practicing in all aspects of business, employment, real estate, construction and insurance law, Newmeyer & Dillion delivers legal services tailored to meet each client’s needs. Headquartered in Newport Beach, California, with offices in Walnut Creek, California and Las Vegas, Nevada, Newmeyer & Dillion attorneys are recognized by The Best Lawyers in America©, and Super Lawyers as top tier and some of the best lawyers in California, and have been given Martindale-Hubbell Peer Review's AV Preeminent® highest rating. For additional information, call 949-854-7000 or visit http://www.newmeyeranddillion.com/.
Read the court decisionRead the full story...Reprinted courtesy of
Nevada’s Construction Defect Law
March 05, 2015 —
Beverley BevenFlorez-CDJ STAFFConstructive Dive reported on the effects of Nevada’s new construction defect law, which is a revision of the original 1995 Homeowners Protection Act: “The new rules more tightly define ‘defect,’ strike the requirement for the losing party to pay the other’s legal fees, and require homeowners to be much more specific about the defects they claim.” Furthermore, it reduces “the length of time a homeowner has to make a construction-defects claim at six years, down from the 10-year statute of limitations in the original law.”
Arizona, Colorado, Florida, and Washington legislators are debating revising their current construction defect laws, according to Construction Dive. “If the Colorado measure passes, homeowners will have to go through arbitration before they’ll be allowed to sue their builders. The proposal in Washington would require the owner making the claim to have a third-party professional inspect the defect before filing a suit,” Construction Dive reported.
Read the court decisionRead the full story...Reprinted courtesy of
Port Authority Reaches Deal on Silverstein 3 World Trade
June 26, 2014 —
David M. Levitt – BloombergThe Port Authority of New York and New Jersey approved a financing agreement for Larry Silverstein’s 3 World Trade Center that allows him to use $159 million of insurance proceeds to expedite construction.
The agreement, which alters a 2010 deal on the project, follows about a year of negotiations and provides Silverstein with far less than the $1.2 billion of loan guarantees he sought under a previous plan that had been opposed by some board members. Silverstein plans to seek private financing to complete construction on the tower, which is stalled at eight floors.
The Port Authority, which owns the Trade Center site, unanimously approved the alterations to the agreement at a meeting today. The new deal meets the criteria of not creating additional debt for the agency, said Commissioner Kenneth Lipper, who led opposition to the loan guarantee, viewing it as too risky and a threat to the authority’s credit rating.
Read the court decisionRead the full story...Reprinted courtesy of
David M. Levitt, BloombergMr. Levitt may be contacted at
dlevitt@bloomberg.net
Ex-Construction Firm That Bought a $75m Michelangelo to Delist
January 08, 2019 —
Drew Singer - BloombergA Chinese construction firm-turned-art-collector will be delisted from the Nasdaq effective Friday, following a 260 percent run-up in its stock price this fall.
Shares in Yulong Eco-Materials Ltd. soared after the company agreed to buy the “Millennium Sapphire” for $50 million in October and a “Crucifixion” painting for $75 million in November. The firm was formerly a “vertically integrated manufacturer of eco-friendly building products located in the city of Pingdingshan in Henan Province, China," according to a company filing.
Read the court decisionRead the full story...Reprinted courtesy of
Drew Singer, Bloomberg
Eight Ways to Protect a Construction Company Before a Claim Is Filed
November 04, 2019 —
Mary Bacon - Construction ExecutiveClaims are inevitable in the construction industry. They can take on a life of their own and come with the burden of legal fees, wasted executive time and a possible judgment. Too often the only winners are the lawyers.
TIPS FOR PROTECTING MANAGEMENT AND THE BUSINESS BEFORE A CLAIM IS FILED
- Respect the business entity’s corporate structure. First and most importantly, respect the business entity’s corporate form. Legal entities have certain formalities like filing an annual list of officers, maintaining separate bank accounts, conducting certain meetings and following bylaws, etc. Respect these formalities. Failure to follow them exposes the owner to personal liability for company debts. And while a business claim has the potential to wipe out a business, owners should not risk having their personal assets on the line as well.
- Get a good contract. In most instances, a contract governs what happens and who is responsible for payment associated when a certain issue or dispute arises. A clear, well-written contract can often avoid a dispute or liability for a dispute. Actively participate in the contract negotiation and drafting process to make sure each party’s role and responsibilities are clearly accounted for.
- Make friends with clients. While it is true that “business is business,” people are often fairer and more willing to work towards a solution for people they are friends with. In most cases, friends will help friends in ways that people would not help mere business associates. When encountering a problem on a job, a friend may be willing to help achieve a more favorable outcome.
Reprinted courtesy of
Mary Bacon, Construction Executive, a publication of Associated Builders and Contractors. All rights reserved.
Read the court decisionRead the full story...Reprinted courtesy of
Ms. Bacon may be contacted at
mbacon@spencerfane.com
How Does Weather Impact a Foundation?
December 27, 2021 —
Brent Pearson - Construction ExecutiveWhen it comes to commercial properties, it pays to be prepared. However, there are few things as unpredictable as the weather. With there being several weeks left in hurricane season, the weather can have quite an impact on the foundations of different properties. Whether it’s a new home or a century-old commercial property, preserving the integrity and safety of the structure is paramount. For those in construction looking to learn more about how the weather can sway a foundation, below are several examples along with tips on prevention.
Rain, Rain Go Away!
Hurricanes are known for bringing strong winds and plenty of rain. This can spell disaster for buildings with weak foundations. Torrential downpours can cause wet and weak soil. Too much rain—whether generated by hurricanes or frequent storms—can negatively impact the foundations of commercial properties and homes as well. It can also cause the soil to weaken, which can lead to a foundation sinking into the ground. For those that may have crawl spaces underneath their properties, heavy rains may cause water to seep under and into it. Water will sit in the crawl space, and it could take days or even weeks to dry out, causing moisture and possible mold damage.
Reprinted courtesy of
Brent Pearson, Construction Executive, a publication of Associated Builders and Contractors. All rights reserved.
Read the court decisionRead the full story...Reprinted courtesy of
EEOC Issues Anti-Harassment Guidance To Construction-Industry Employers
July 22, 2024 —
Christopher Kelleher & Andrew Scroggins - The Construction SeytSeyfarth Synopsis: The Equal Employment Opportunity Commission (“EEOC”) has issued guidance tailored to the construction industry regarding compliance with anti-harassment laws. This lines up with our prediction in early 2024 that the EEOC had put the construction industry squarely in its sights. The guidance is important for construction-industry leaders and employers to understand to prevent and remedy workplace harassment, and to avoid potential harassment liability.
On June 18, 2024, the EEOC issued its
Promising Practices for Preventing Harassment in the Construction Industry. This guidance provides key recommendations that construction-industry leaders and employers should consider implementing to prevent and address harassment in the workplace, and avoid being the target of the EEOC’s enforcement efforts. The guidance is intended to supplement the EEOC’s
Strategic Enforcement Plan (“SEP”) for fiscal years 2024-2028, which provides direction on the EEOC’s current objectives, principles, and enforcement efforts – among them, increasing diversity in the construction industry and remedying harassment. (We’ve written previously about the
proposed and
final SEP.)
Reprinted courtesy of
Christopher Kelleher, Seyfarth and
Andrew Scroggins, Seyfarth
Mr. Kelleher may be contacted at ckelleher@seyfarth.com
Mr. Scroggins may be contacted at ascroggins@seyfarth.com
Read the court decisionRead the full story...Reprinted courtesy of
Construction Employment Rises in Half of the States
December 09, 2011 —
CDJ STAFFThe Labor Department has noted that half the states and the District of Columbia saw increases in construction employment during the month of October. During the same month, twenty-three states lost construction jobs.
The biggest gains were in North Dakota, Oklahoma, DC, Texas, and California. The biggest losses were in Georgia, New Mexico, Wisconsin, and Florida. There was no change for Alabama.
The chief executive officer of the Association of General Contractors of America, Stephen E. Sandherr, called for more infrastructure development. “Allowing water, transportation and energy networks to deteriorate will hurt construction employment and force taxpayers to spend more later, to fix broken infrastructure.”
Read the full story…
Read the court decisionRead the full story...Reprinted courtesy of
