Attention Atlanta Construction Business Owners: Hackers Are Targeting Your Accounting Systems—Here’s How to Protect Your Business
Cybercriminals are increasingly targeting the Foundation accounting software used by many construction companies, including those in Atlanta, to infiltrate business networks through weak passwords and exposed servers. If your business relies on Foundation for managing accounting, payroll, or job costing, it’s critical to act now to protect your data.
What’s Happening?
On September 14, 2024, cybersecurity experts at Huntress detected a wave of attacks focused on construction companies using Foundation software. Hackers are exploiting a key vulnerability: many businesses are still using default or weak passwords on critical administrative accounts, leaving them exposed.
Huntress has already uncovered breaches at several businesses across sub-industries such as HVAC, plumbing, concrete, and other construction-related fields. These attackers are primarily using brute-force techniques to crack passwords, giving them control over your company’s financial data and internal networks.
Why Is Your Construction Business at Risk?
Foundation software uses a Microsoft SQL Server (MSSQL) that can be configured to allow access via TCP port 4243. This setup helps companies connect with mobile apps for easier access to their systems, but it also makes the server vulnerable if the right security measures aren’t in place.
If your company hasn’t updated the default passwords on admin accounts like ‘sa’ or ‘dba,’ or if you’ve set weak passwords, hackers can quickly exploit those vulnerabilities. Huntress reported that in some cases, attackers made up to 35,000 login attempts in just one hour to gain access.
Once inside, they can run commands that allow them to gather sensitive business data, including your network setup, hardware details, and employee information, potentially crippling your operations and leaving your financial information exposed.
What You Need to Do Right Now
- Change Your Passwords: If you haven’t already, change the default passwords for all admin accounts, especially on your Foundation software and MSSQL databases. Use strong, unique passwords that are hard to guess.
- Limit Server Exposure: Review your systems to ensure that your MSSQL server is not publicly accessible unless absolutely necessary. If your server is configured to allow external access, make sure it’s secured with proper firewalls and monitoring systems.
- Conduct Regular Security Audits: Schedule frequent checks of your systems to ensure no ports are unnecessarily open and that all your passwords are up to date.
Why This Matters for Atlanta Construction Firms
Atlanta’s construction industry is booming, and with that growth comes an increased risk of cyberattacks. Hackers are looking for vulnerabilities in businesses just like yours, knowing that construction firms often rely on specialized accounting software like Foundation. Don’t let a preventable security breach disrupt your projects or damage your reputation.
Huntress has already seen the impact of these attacks on businesses just like yours. Protecting your company’s financial information, client data, and overall operations is crucial. These threats are not going away, and the longer your systems remain exposed, the higher the risk of a breach.
Final Thoughts
To secure your Atlanta construction business, start by ensuring your Foundation software is properly configured and protected. Regularly updating passwords, limiting external server access, and running security audits can save you from a costly data breach. Cybersecurity may not be the first thing on your mind as a construction business owner, but a small investment in security now could save your business in the long run. If you need someone to take a look at your systems to ensure you are protected, we are doing free assessments for all construction businesses in the Metro area.
If you’re unsure about your current security setup, now’s the time to consult with a professional and protect your business before it’s too late.
Contact us today by giving us a call at (678) 619-1218 or booking an appointment here for a quick 15 min chat.
Dmitriy Teplinskiy
I have worked in the IT industry for 15+ years. During this time I have consulted clients in accounting and finance, manufacturing, automotive and boating, retail and everything in between. My background is in Networking and Cybersecurity