Researchers Draw Attention to Rising Cybersecurity Threats for Smart Buildings

• 37.8% of building automation systems were targeted in the first half of 2019 as per new study by Kaspersky.
• Increasing use of connected systems is posing a heightened cyber risk to smart buildings.

An overview

Smart buildings house a myriad of interconnected systems, devices, and a centralized control system that altogether offer a safe and healthy environment for its residents. Building automation systems are comprised of a wide variety of systems including HVAC, energy management systems, video surveillance systems, lighting control systems, elevator control systems, access control systems, as well as sensors attached to thermostats and devices to light sensors.

Recent research from Kaspersky revealed that 37.8 percent of computer systems involved in controlling smart building automation devices were impacted by cyber attacks in the first half of 2019.

Targeted buildings are not just residential and office buildings but also include facilities for industrial production, public transport, hospitals, shopping malls, prisons, and more.

Though most of the blocked threats so far are neither targeted nor specific to building-based automation systems, it still raises significant concerns on the availability and integrity of automation systems.

"While these figures are relatively low in comparison to the wider threat landscape, their impact should not be underestimated," Kirill Kruglov, security researcher at Kaspersky ICS CERT, said in a press release.

A deeper analysis of attacks

Kaspersky gathered and studied information from 40,000 smart buildings worldwide that use its security products, out of which 38.7 percent were attacked with different kinds of malware.

• 11 percent of attacks were aimed at stealing account credentials and other valuable information
• 10.8 percent of workstations were infected with worms
• 7.8 percent of systems suffered phishing attacks
• 4.2 percent of systems encountered ransomware
• As per the research, 26 percent of threats involved online intrusion methods.
• 10 percent of cases included the use of removable media (USB flash-sticks and external hard drives)
• Another 10 percent breach attempts were made via email links and attachments
• 1.5 percent of attacks on computer systems originated from within the host organization's network, such as from shared folders

Potential threats

Hackers today are leveraging the gaps between information technology (IT) and operational technology (OT) defenses to target building automation systems. One of the dangerous consequences is vulnerable systems being exploited to hold the target building hostage.

Attacks on smart cities and infrastructure could lead to wide-ranging consequences from risks to human safety to the potential shutdown of a shopping arena, the power grid, or even the entire city.

It is possible to manipulate the functionality of lifts, doors, or building entry systems, which are centrally controlled systems. Since smart architectures are concerned about eco-friendly and cost-saving initiatives, a more subtle attack can include raising the temperature of devices to reflect an increase in energy consumption, and hence operational costs.

Connected systems can also allow hackers to gain access to internal IT systems such as in the case of a casino that got hacked through an exploit of a fish tank.

How to protect your systems?

It is recommended to critically monitor network communications, on the perimeter as well as inside a building automation system's network. Moreover, collaboration and engagement are key to building a long term security strategy.

• Cybersecurity design frameworks and risk-based analysis tools can be used to improve the understanding of cyber risk for smart buildings.
• Integration of tools that help raise immediate alerts as soon as any suspicious network activity is detected, can enable a faster response.
• Inclusion of a variety of stakeholders in threat management and endpoint visibility can help ensure all-round safety.
• Preparation of a crisis communication and response plan paired with staff training is also crucial to ensuring effective incident management.