On January 30, 2020, Bouygues Construction was targeted by a cyberattack involving malware, specifically ransomware.
The organization’s computer systems and databases were hacked and rendered inaccessible. To prevent the virus from spreading, the group took the precautionary step of shutting down its systems.
Martin Bouygues, the French CEO of the construction group, told AFP, however, that: “Since our industrial operations are not managed by IT systems, this attack should not have a financial impact on the company.”
According to him, however, this appears to be an attack of a “new kind.”
Nevertheless, this ransomware had a significant enough impact on Bouygues Construction to disrupt operations for several weeks.
Of course, several tests were conducted before all the machines were brought back online.
It was primarily software such as email and order management tools that were shut down for the longest period. Many employees were placed on temporary layoff. Communication with the Group internationally was limited.
“We cannot say, at first glance, that we have been negligent in addressing safety needs,” Mr. Bouygues assured. (La Tribune).
The creators of the Maze ransomware are reported to have claimed responsibility for the attack and demanded $10 million from Bouygues. However, the Bouygues Construction Group has not confirmed this information as a precautionary measure.
In May 2019, the group had already been hit by the Ryuk ransomware.This is therefore the second attack the group has suffered in less than a year.
Bouygues has prompted the Paris Public Prosecutor’s Office to launch a criminal investigation into, among other things, “extortion by an organized criminal group.” It has also called on ANSSI to take appropriate action against the ransomware attackers.
