Hackers exploit coronavirus crisis to steal data from architect
Zaha Hadid Architects has issued a warning to practices to be vigilant after falling victim to cyber attackers who stole confidential information.
ZHA confirmed that hackers encrypted some of its internal data and tried to extort money from the practice in exchange for its return.
The criminals used malicious ransomware software to carry out their attack.
Earlier this month the UK’s National Cyber Security Centre (NCSC) warned that the frequency and severity of covid-19-related cyber attacks was likely to increase over the coming weeks.
ZHA 350 staff – who are all working from home during the lockdown – discovered a message on their server last week announcing the attack. It said some of ZHA’s private data had been encrypted and would only be released in exchange for a ransom payment.
The practice’s directors refused to negotiate and instead called in cyber security experts to investigate. On their advice ZHA reported the case to the Information Commissioner’s Office.
The firm said it was also “taking further steps in liaising with the relevant authorities as advised by our team of specialists”, although Building’s sister title Building Design understands the matter has not been reported to the police. Scotland Yard said it did not have a record of a complaint.
It is not clear how much information was stolen in the attack but ZHA said the data was backed up and that the attack had caused “minimal disruption”.
Paul Chichester, director of operations at the NCSC, said this month that the surge in home working, and an increased use of potentially vulnerable services such as virtual private networks, “amplified” the threat to individuals and organisations.
He added: “Malicious cyber actors are adjusting their tactics to exploit the covid-19 pandemic.”
ZHA issued a statement this week saying: “Data protection and privacy is extremely important to us and this is why we regretfully have to announce that on 21 April we experienced a security breach and theft of data in a ransomware attack.
“We immediately worked to secure our network and reported the incident to the authorities. With minimal disruption to the work of our teams, we continue to investigate any criminal theft of data with cyber specialists.
“With all our 348 London-based staff working from home during this pandemic and cyber criminals poised to exploit the situation, we strongly advise the architectural community to be extremely cautious.
“As the data affected by this breach is private information, we would appreciate media outlets not promoting this illegal breach of privacy should any data be made public.”
Earlier this month the practice’s biggest UK scheme to date, a two-tower scheme at Vauxhall, was approved by a planning inspector.