ARCHITECT contributor Nathan Miller says that a May 2017 ransomware attack exploited outdated operating systems in the U.K., resulting in the temporary shutdown of 16 hospitals. Two months later, credit reporting agency Equifax revealed that hackers used an application vulnerability to leak the personal information of more than 143 million Americans. Cyberattacks such as these risk more than sensitive information; they also jeopardize valuable capital. Cybereconomic data company Cybersecurity Ventures predicts that global ransom payout costs in 2017 will exceed $5 billion—15 times the amount paid in 2015. And according to technology research firm Gartner, global information security spending will reach $93 billion in 2018.
The statistics are staggering, especially since business workflows and assets have largely gone digital. Architects and builders have welcomed significant shifts in their digital workflow with cloud-based BIM software for remote project coordination, internet file hosting for global accessibility, and virtual workspaces for team communication. And the end results—the buildings themselves—are slowly but increasingly connected to Internet of Things (IoT) networks, with building management systems storing user information on everything from HVAC usage to lighting preferences.
Consider the following hypothetical scenarios: a hacker targeting an architecture firm could expose sensitive data about a client’s confidential business operations; a data breach at Dropbox could expose any one of the 1.5 billion DWG (drawing) files currently stored on the platform; and a cyberattack focused on a building control system in a hospital or airport could put the safety of its occupants at risk.