Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Moffatt & Nichol

Moffatt & Nichol Vendor Cyber Rating & Cyber Score

moffattnichol.com

Moffatt & Nichol is a leading U.S.-based global infrastructure advisor specializing in the planning and design of facilities that shape and serve our coastlines, harbors and rivers, as well as an innovator in the transportation complexities associated with the movement of freight. The firm's professional staff includes engineers, planners, and scientists who serve our global client base from offices in Europe, North America, Latin America, and the Pacific Rim. The firm provides clients worldwide with customized service and a level of excellence that have become the firm’s hallmark in several primary practice areas – ports and harbors; coastal, environmental and water resources; urban waterfronts and marinas; transportation, bridges and


MN A.I CyberSecurity Scoring

MN
Company Information
Website:http://www.moffattnichol.com
Employees number:1,218
Number of followers:32,820
NAICS:237
Industry Type:Civil Engineering
Homepage:moffattnichol.com
MN Risk Score (AI oriented)
Between 700 and 749
logo
MNCivil Engineering
Updated:
02/04/2026
746/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
MN Global Score (TPRM)
xxxx
logo
MNCivil Engineering
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

MN
MNModerate
Current Score
746Ba (MODERATE)
01000
1 incidents
-19 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
747Before Incident
JUNE 2026
747Before Incident
MAY 2026
746Before Incident
APRIL 2026
746Before Incident
MARCH 2026
745Before Incident
FEBRUARY 2026
745Before Incident
JANUARY 2026
745Before Incident
DECEMBER 2025
744Before Incident
NOVEMBER 2025
744Before Incident
OCTOBER 2025
743Before Incident
SEPTEMBER 2025
761Before Incident
Cyber Attack
01 Sep 2025MN
U.S.-based civil engineering firm (involved in Ukraine-related projects)

Russian-Linked Threat Actors Use Fake Browser Updates to Deploy SocGholish Malware in Targeted Espionage Campaign

742After Incident
CRITICAL-19
MOF59100659112625
A U.S.-based civil engineering firm specializing in Ukraine-related infrastructure projects fell victim to a highly targeted cyberattack orchestrated by Russian GRU Unit 29155 in September 2025. The threat actors exploited fake browser update pop-ups to deploy SocGholish malware, which then delivered the RomCom Mythic Agent loader within minutes of initial infection. The attack leveraged compromised legitimate websites to inject malicious JavaScript, tricking employees into downloading a fake 'msedge.dll' payload disguised as a browser update.The payload executed only when the victim’s system matched a predefined domain, indicating precision targeting. Once activated, it established a connection to Mythic C2 servers, granting attackers remote access for potential espionage or data exfiltration. While Arctic Wolf’s Aurora Endpoint Defense detected and quarantined the payload before full compromise, the incident highlights the evolving threat landscape where malware-as-a-service (SocGholish)—previously associated with ransomware—is now repurposed for state-sponsored cyber operations. The attack’s link to GRU-affiliated groups suggests motives beyond financial gain, likely aiming to disrupt pro-Ukrainian entities or gather intelligence on critical infrastructure projects. The use of bulletproof hosting and advanced obfuscation techniques further complicates attribution and mitigation.
INCIDENT DETAILS -
TYPE
Malware InfectionEspionageTargeted AttackInitial Access Broker
MOTIVATION
EspionageState-Sponsored Cyber OperationsTargeting Pro-Ukrainian Entities
IMPACT
At least one system in a U.S.-based civil engineering firmPotential remote access by threat actorsQuarantined payload prevented full compromisePotential reputational damage due to targeted espionage campaign
DATA BREACH
Potential (remote access established, but payload quarantined)
AUGUST 2025
761Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for MN ?
?
What was MN's A.I Rankiteo Cyber Score in June 2026 ?
?
What was MN's A.I Rankiteo Cyber Score in May 2026 ?
?
What was MN's A.I Rankiteo Cyber Score in April 2026 ?
?
What was MN's A.I Rankiteo Cyber Score in March 2026 ?
?
What was MN's A.I Rankiteo Cyber Score in February 2026 ?
?
What was MN's A.I Rankiteo Cyber Score in January 2026 ?
?
What was MN's A.I Rankiteo Cyber Score in December 2025 ?
?
What was MN's A.I Rankiteo Cyber Score in November 2025 ?
?
What was MN's A.I Rankiteo Cyber Score in October 2025 ?
?
What was MN's A.I Rankiteo Cyber Score in September 2025 ?
?
What was MN's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on MN's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with MN ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view MN's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?