QBE has warned that ransomware attacks are costing construction companies time and money, and the risk is growing
As adoption of Building Information Modeling (BIM) systems increases, so does the risk posed by construction cyber-attacks, say QBE.
While they support the adoption of more up-to-date methods and systems for information processing, this must be done in a way that remains safe from cyber-attacks.
Attackers may see new pathways
New systems are often linked to systems controlling physical equipment, boosting efficiency or streamlining operations by automating communications or oversight, but connecting these systems can open new pathways for attackers to access critical infrastructure, rather than simply leaving them disconnected.
In fact, QBE says that every new remote connection in a contractor and supplier network marks a potential entry point for attackers. Inadequate segmentation between IT and operational technology (OT) systems was a large factor in 81% of OT incidents in 2025, according to their report, From Blueprints to Breaches.
Furthermore, as geopolitical tensions are on the rise, the risk of cyberattacks is growing as state-aligned actors may target critical national infrastructure and supporting supply chains. Between 2022 and 2026, the UK saw 15 state-aligned cyber-attacks.
“The line between cyber risk and operational risk has effectively disappeared”
Neil Fleming, construction portfolio manager at QBE UK, said: “A single ransomware incident can now derail an entire construction programme. When access to drawings, project data or digital platforms is lost, costs escalate, project completion is put at risk and subcontractors feel the knock-on effect immediately.
“Cyber resilience needs to be considered alongside traditional project risks to deliver on time and reduce unforeseen costs. Many construction firms still treat cyber resilience as an IT issue rather than a project risk. Early engagement between clients, brokers and insurers is essential to ensure cyber exposures are properly understood and addressed alongside other construction risks.”
David Warr, cyber portfolio manager at QBE International Markets, added: “The risk profile of a cyber incident in construction has fundamentally changed. Many breaches now interrupt workflows, lock out critical systems and, in some cases, affect the physical environment through connected operational technology. The line between cyber risk and operational risk has effectively disappeared.”
QBE are calling for construction firms to integrate cyber into project risk planning from the start, prioritising governance, supply chain visibility, tested response plans, and ensuring insurers and brokers are engaged early to address any exposures as soon as possible.
The full report, From Blueprints to Breaches, can be found here.
The post Construction cyber attacks cost firms 24 days of work per year appeared first on Planning, Building & Construction Today.
