IBM Hackers Highlight Cyber Security Vulnerabilities in Smart Buildings

Ethical hackers from IBM's X-Force tested a smart buildings automation system and encountered numerous serious security issues. The researchers identified several security holes that provide hackers with a backdoor into corporate networks through the office’s climate control systems.

This recent discovery highlights the dangers of unsecure connected devices within the Internet of Things (IoT) and how they can lead to a data breach if not properly secured.

"We did it old-school, just probing the firewall, finding a couple of flaws in the firmware", said Chris Poulin, research strategist for IBM's X-Force. "Once we had access to that, we had access to the management system of one building".

An increasing number of devices are being connected to the Internet, not least those that control your building’s heating, lighting and air conditioning. According to Gartner, devices in smart homes and smart commercial buildings represented 45% of total active connected things in 2015.

IBM X-Force Ethical Hacking Team Lead Paul Ionescu suggests that little attention is being paid to IoT devices employed in smart or automated buildings simply because IoT devices fall outside the scope of traditional IT. A recent survey of building automation system (BAS) operators found that only 29% had taken action or were in the process of taking action to improve cyber security for their Internet-connected systems.

Currently, most BAS work in a similar fashion. Each building has a BAS controller, responsible for managing each of the building’s “smart” features and for collecting and aggregating data from various sensors (humidity, temperature, light, etc.). This BAS controller connects to the Internet through local Wi-Fi spots and the building router, where, in some cases, it sends data to manufacturers or central company servers that gather information from different buildings across the country.

BAS services, spanning a whole range of sensors and devices from building energy controls to physical security products, are gradually but inevitably morphing into a more comprehensive and fully automated Building Internet of Things (BIoT) solution, which we discuss at length in a recent report.

“We were surprised by the amount of very basic security errors that we found which allowed us to break into the system. Things like shared passwords and information stored in clear text within the devices made it significantly easier for us to eventually hack into the central command server, along with the vulnerabilities we identified in the router and BAS software”, Ionescu said.

While the potential cyber security threats affect all types of buildings, IoT is becoming much more pervasive in commercial and industrial facilities, which are more often targeted, and have more to lose, than residential properties. “What most people don’t know is that a very large proportion of those devices will be in commercial buildings,” Pook-Ping Yao, CEO of Vancouver’s Optigo Networks, said, adding that this will make the systems within those buildings even more vulnerable to security breaches.

A 2015 General Electric report estimated that worldwide spending on industrial IoT initiatives would reach US$500 billion by 2020 and grow to as high as US$15 trillion by 2030. In Canada, GE acquired Vancouver-based Wurldtech Security in 2014 to boost industrial IoT security in such sectors as utilities, transportation, and oil and gas. “We have to be sure that as we’re building out this industrial Internet, we’re being equally smart about ensuring that – not at the enterprise level but also at the operating level – we are protecting the assets”, said GE Canada CEO Elyse Allan.

Yao said the IoT security market is opening up at commercial sites as clients upgrade to Smart Buildings or facilities that have integrated systems controlling everything from security to the temperature. “If someone was able to unlock your doors, turn off your lights or make the room very hot or very cold, would you move?” Yao asked.

During the X-Force test, the team hit only one major obstacle. Despite the stolen login credentials and the configuration file pointing to the central server, they could not log in remotely. "It did not allow us to connect via the Internet from our address space", Poulin said. However, the building was in close proximity, so they just drove over and set up in a nearby car park, where they were able to gain access through the local wireless network.

"We connected to their wireless gateway and got an address that did allow us to connect to the central building management system", Poulin said. That, in turn, gave them access to all the buildings that the company managed. “We could have done some serious damage”, he said.
