ventilation, and air conditioning), and general construction firms.

Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms

Last week, cybersecurity research company Huntress reported a marked increase in attempts to infiltrate FOUNDATION accounting software.

The cybercriminals’ modus operandi is unsophisticated yet highly effective: using the software’s default credentials to gain unauthorized access to the systems.

The threat actors appear to be targeting companies working within the construction industry, with specific interest in plumbing, HVAC, and general construction companies.

The Importance of Changing Default Credentials

FOUNDATION, a popular accounting software widely used within the construction industry to control job expenses and manage project costs, comes with default credentials for ease of setup.

Leaving these default credentials unchanged, however, leaves the door wide open for cybercriminals.

As the researchers at Huntress point out, threat actors can easily find lists of default credentials on the Internet or in the software’s user manuals.

Armed with this information, attackers can then proceed to use brute force mechanisms to gain unauthorized access.

Real-world Examples and Impact

The damaging potential of such attacks is enormous.

For example, in 2017, a major breach of hospitality software firm Avanti Markets resulted in the compromise of personal data, including biometric information, of millions of customers.

The data breach occurred when hackers exploited the software’s Default User credentials, highlighting the peril of unchanged default access information.

Fight Back: Practical Advice on Safeguarding Your Systems

Companies using FOUNDATION, or indeed any other software, are urged to take the following crucial steps to ensure the security of their data and systems:

• Change default credentials: This is the first and most crucial step, yet one which is often overlooked.
• Develop a strong password policy: Ensure passwords are complex, not easily guessed, and are changed regularly.
• Implement multi-factor authentication: This adds an additional layer of security, making a breach much less likely.
• Educate all staff: Ensuring everyone knows the dangers of cyber attacks and the importance of maintaining strong, unique passwords can help to prevent breaches.

Cyber threats are now an ever-present reality for businesses across all sectors.

There has never been a more crucial time to ensure that you are doing everything in your power to secure your systems, including simple steps like changing the default credentials on your software.

Follow-Up Reading

• Avanti Markets Data Breach Report – Krebs on Security
• The Importance of Changing Default Passwords – ZDNet
• The Problems with Stale Passwords on Sensitive Accounts – SANS Institute