Cyber Incident Victim: Bam Construct
Date:
May 2020
Location:
United Kingdom
Summary
A significant cyber-attack targeted Bam Construct, a company involved in building emergency coronavirus hospitals, as part of a broader wave of attacks on organizations supporting the COVID-19 pandemic response. The company proactively shut down its website and certain systems as a precaution, though day-to-day operations remained largely unaffected, with self-imposed disruptions impacting normal workflows more than the virus itself. The incident was reported to authorities, mirroring separate attacks on other healthcare-related entities, amid government warnings about malicious actors endangering public health efforts through such intrusions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In May 2020, Bam Construct, a company contracted to deliver the Yorkshire and the Humber's emergency NHS Nightingale hospital during the COVID-19 pandemic, experienced a significant cyber-attack. The incident occurred amid government warnings that healthcare and research organizations supporting the pandemic response were being actively targeted by malicious actors. Bam Construct identified the attack as part of this broader wave of threats against public and private entities involved in the national COVID-19 effort. Upon detection, the company implemented precautionary measures by voluntarily shutting down its public-facing website and disabling select internal systems to contain the threat. A computer virus was confirmed as the primary attack vector, though technical specifics about its nature or origin were not disclosed. Bam Construct formally reported the incident to relevant authorities, aligning with national cybersecurity protocols for critical infrastructure providers.
The operational impact of the attack itself was limited, with Bam Construct stating its day-to-day business activities remained largely uninterrupted. However, the company acknowledged that its defensive measures—particularly the system shutdowns—disrupted normal workflows more substantially than the malware's direct effects. No data breaches or compromised client information were reported. Concurrently, Interserve, another NHS Nightingale contractor involved in the Birmingham facility, faced a separate, unrelated cyber incident that potentially affected some operational services. Both incidents occurred shortly after the National Cyber Security Centre (NCSC) had issued explicit alerts about targeted campaigns against healthcare organizations. The UK government condemned these attacks as endangering lives by undermining the pandemic response, though no attribution to specific threat actors was provided in Bam Construct's case. The company maintained operations on critical projects while collaborating with cybersecurity authorities during remediation.