* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Wednesday, May 28, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Drew Brees opens Surge Entertainment Center in Metairie hot spot for new businesses – NOLA.com

    Drew Brees Unveils Exciting New Surge Entertainment Center in Metairie!

    Will Gio Stay Or Go On May 27 General Hospital? – Yahoo

    Will Gio Make a Shocking Exit on May 27th’s General Hospital

    First look: Disney shows star villains, Little Mermaid, tech – Yahoo

    Unveiling Disney’s Dark Side: A Sneak Peek at Iconic Villains, The Little Mermaid, and Cutting-Edge Technology!

    Fans Call Out Disney For Cutting Favorite ‘Lilo & Stitch’ Character: ‘It Makes Me Want to Cry’ – Yahoo

    Disney Fans Heartbroken Over the Cut of Beloved ‘Lilo & Stitch’ Character: ‘It Makes Me Want to Cry

    Oh My Girl’s sister group USPEER from WM Entertainment introduces individual members with high-energy clips for ‘Speed Zone’ debut – allkpop

    Get Ready to Meet USPEER: Oh My Girl’s Sister Group Unveils Dynamic Members in ‘Speed Zone’ Debut Clips!

    Ways to save money on entertainment and travel this summer – CBS News

    Smart Strategies to Slash Your Summer Entertainment and Travel Costs!

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    MSE, DXC Technology expand tech partnership – Sports Business Journal

    MSE, DXC Technology expand tech partnership – Sports Business Journal

    Technology Driving Performance: How Elite MA Plans Leverage Data, Care Coordination, and Advanced Analytics to Thrive Amid CMS’s Rigorous 2025 Standards, Black Book – Newswire.com

    Unlocking Success: How Top MA Plans Harness Data and Analytics to Excel Under CMS’s 2025 Standards

    Arqit acquires Ampliphae’s technology IP, enhancing its global encryption portfolio – GlobeNewswire

    Arqit Boosts Global Encryption Portfolio with Strategic Acquisition of Ampliphae’s Technology IP

    Searenergy partners with Tethys Robotics on subsea inspection technology – Windtech International

    Searenergy partners with Tethys Robotics on subsea inspection technology – Windtech International

    China successfully tests new-gen satellite-to-ground data transmission technology – Global Times

    China successfully tests new-gen satellite-to-ground data transmission technology – Global Times

    Wireless Connectivity Technology Market Set to Witness – openPR.com

    Exploring the Future: Wireless Connectivity Technology Market Poised for Remarkable Growth!

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Drew Brees opens Surge Entertainment Center in Metairie hot spot for new businesses – NOLA.com

    Drew Brees Unveils Exciting New Surge Entertainment Center in Metairie!

    Will Gio Stay Or Go On May 27 General Hospital? – Yahoo

    Will Gio Make a Shocking Exit on May 27th’s General Hospital

    First look: Disney shows star villains, Little Mermaid, tech – Yahoo

    Unveiling Disney’s Dark Side: A Sneak Peek at Iconic Villains, The Little Mermaid, and Cutting-Edge Technology!

    Fans Call Out Disney For Cutting Favorite ‘Lilo & Stitch’ Character: ‘It Makes Me Want to Cry’ – Yahoo

    Disney Fans Heartbroken Over the Cut of Beloved ‘Lilo & Stitch’ Character: ‘It Makes Me Want to Cry

    Oh My Girl’s sister group USPEER from WM Entertainment introduces individual members with high-energy clips for ‘Speed Zone’ debut – allkpop

    Get Ready to Meet USPEER: Oh My Girl’s Sister Group Unveils Dynamic Members in ‘Speed Zone’ Debut Clips!

    Ways to save money on entertainment and travel this summer – CBS News

    Smart Strategies to Slash Your Summer Entertainment and Travel Costs!

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    MSE, DXC Technology expand tech partnership – Sports Business Journal

    MSE, DXC Technology expand tech partnership – Sports Business Journal

    Technology Driving Performance: How Elite MA Plans Leverage Data, Care Coordination, and Advanced Analytics to Thrive Amid CMS’s Rigorous 2025 Standards, Black Book – Newswire.com

    Unlocking Success: How Top MA Plans Harness Data and Analytics to Excel Under CMS’s 2025 Standards

    Arqit acquires Ampliphae’s technology IP, enhancing its global encryption portfolio – GlobeNewswire

    Arqit Boosts Global Encryption Portfolio with Strategic Acquisition of Ampliphae’s Technology IP

    Searenergy partners with Tethys Robotics on subsea inspection technology – Windtech International

    Searenergy partners with Tethys Robotics on subsea inspection technology – Windtech International

    China successfully tests new-gen satellite-to-ground data transmission technology – Global Times

    China successfully tests new-gen satellite-to-ground data transmission technology – Global Times

    Wireless Connectivity Technology Market Set to Witness – openPR.com

    Exploring the Future: Wireless Connectivity Technology Market Poised for Remarkable Growth!

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Business

Is Your Smart Building an Easy Target for Hackers?

July 18, 2023
in Business
Is Your Smart Building an Easy Target for Hackers?
Share on FacebookShare on Twitter

By Coleman Wolf, CPP, CISSP, SmartScore AP

The latest building system technologies being adopted bring many benefits in terms of operational efficiencies, reduced environmental impact, and enhanced occupant experience. Building owners, operators, and contractors, as well as well as the electrical, mechanical, and plumbing designers implementing these new technologies should be wary. These systems also introduce new vulnerabilities and present a much more tempting target for malicious actors seeking to launch cyberattacks. So do the benefits outweigh the risks, and how should potential vulnerabilities be addressed?

The Introduction of Intelligent Buildings

Advancements in smart building technology have transformed the day-to-day management of buildings. Nearly every aspect of a facility can now be controlled remotely through a series of interconnected sensors and actuators via computers. Operational technology (OT) systems such as building automation systems (BAS), intelligent plumbing systems, air quality monitoring, elevators, building access control, video surveillance, and more can now be monitored and controlled remotely. Today more than ever, building owners, operators, and tenants expect their facilities to be safe, secure, more productive while also enhancing occupant experiences through optimization of space, systems, and services.

We are currently emerging into an evolving, post-pandemic workplace that demands greater monitoring and control of indoor air quality (IAQ), detailed awareness of occupancy as people interact with the different spaces, and enhanced control of facility access. Furthermore, these modern intelligent building systems also help prepare properties to address new health threats. Intelligent plumbing systems can be customized to automatically respond to events as well as execute regular tasks such as maintaining water temperature, address bacteria and biofilm growth, and avoid stagnation.

These systems also anticipate future environmental sustainability requirements that can be met through increased data collection, analysis, and control. The age of the intelligent building is upon us, and as intelligent building platforms continue to grow and evolve, so too will the frequency and nature of the cyberattacks we can expect to see targeting these systems.

Where to Look for Unexpected Vulnerabilities

Early building control systems were not typically built with strong security in mind. They tended to be self-contained systems isolated from external access, and it would take some type of physical contact to compromise them. A workstation login and password often were all that was really needed. With modern buildings increasingly being connected with the outside world, exposure to those systems has grown exponentially leading to an increased danger of cyberattacks.

However, the potential impact to building control systems like lighting, lobby monitor displays, thermostats, and other less obvious targets may not always be recognized. While the direct effect to those systems may be relatively minor, the larger ramifications may be much more serious, and the compromise of those devices may not be the ultimate goal of an attacker. The fact that those devices are easy to connect to and likely have vulnerabilities that are easy to exploit make them valuable initial steps for an attacker to gain further access to a network to reach other targets. If an attacker finds that other entry points to a network are well secured, they will look to alternate entry points, and with OT systems increasingly connected to networks those attackers are finding that they often provide a path with much easier access.

The attacker’s goals may be theft of valuable information, but it could also be some sort of disruption of systems or operations. With IT systems this disruption may be in the form of deleted or modified data, denial-of-service, or it could be ransomware in which data is encrypted until the victim pays a ransom to the attacker. With OT systems, the nature of these disruptions can be significantly more severe. Imagine the potential damage resulting from loss of critical OT systems in a hospital, or power at a casino, or cooling at a data center. And for many systems, availability and integrity is important to the health and safety of personnel adding further potential risks.

As an example of a recently reported cyberattack, hackers were able to gain access to an unnamed Las Vegas casino database via an internet-connected “smart thermometer” used to maintain a high-tech aquarium in their lobby. The breach of this seemingly innocuous device allowed the cybercriminals to bypass security measures and navigate to other systems to steal 10 gigabytes of information from a “high roller” database. The unusual heist highlights the vulnerability of Internet-of-Things (IoT) devices. According to IOT Analytics, the number of connected IoT gadgets is expected to grow 18 percent this year to 14.4 billion devices globally. The trend also underscores the increased vulnerabilities property owners and cybersecurity professionals face.

Limiting Access and Opportunity

While data theft such as theft of financial or other personal information often gets the most attention, there are other threats that can be just as costly and potentially more dangerous. The reliability of systems that control and monitor facility operations is also needed. The continual collection of information by connected devices about our individual environments and activities could also seriously impact how business and personal decisions are made. Fortunately, we are starting to see better protection measures, although there is still a long way to go.

While different systems have different requirements, the following are some basic security recommendations to better protect your building and operations:

·      Segregate systems on separate networks wherever possible.

·       Actively manage system accounts including unique and strong passwords for each component and controlling system account assignment and privileges.

·       Create a program to manage software and firmware patches and updates to reduce risk exposure.

·       Document your systems thoroughly. Too often a company doesn’t have accurate system information and you can’t manage what you don’t know.

·       Perform cybersecurity testing of your systems on a routine basis. The systems themselves are not static and new vulnerabilities are discovered every day, so it is important to stay current.

Creating a Cybersecurity Action Plan

As information technology (IT) and OT systems become increasingly intertwined, it is clear a unified approach to security is needed. But the frequent question asked is “who should manage cybersecurity for these systems?”

According to an ASIS survey, the biggest obstacle slowing organizations to adapt to combined systems revolve around people issues. Physical security departments are often set in a history of siloed traditions and functions. Personnel are often hesitant to give up or share control of what they consider to be core competencies including people management, intelligence, and investigations. IT professionals can be equally rooted in their own routines built around the latest technology, system innovations, and cyberthreats.

Loss of authority, status, control, or staff are equally feared by both groups and often results in a lack of communication. This often leads to the two sides not recognizing security gaps or worse, assuming the other is addressing specific concerns. Despite these hesitations, many companies are beginning to understand that both OT and IT systems need to be managed holistically under the overall goal of risk management. Communication is fundamental to successful convergence.

In many instances, IT is the gatekeeper to all devices allowed on a company’s network. Bringing IT and OT stakeholders together early in the project design development process—preferably during initial Master Planning phases—can help avoid conflicts and eliminate implementation schedule delays. While it is common for organizations to put their intelligent building system and individual OT system components on the company’s enterprise network, it comes with inherent cybersecurity risk. If devices are not thoroughly vetted, tested, and approved by IT, chances are they will not be allowed to connect, potentially leading to missed expectations and lost operational opportunities.

In the end, being more integrated and interconnected does not inherently mean your facility is more vulnerable, but it does make the security considerations more complex. In fact, the additional systems can actually make building automation systems (BAS) safer if they provide more detailed intelligence that allow operations personnel to respond to a cyberattack more accurately and efficiently. And if the integration of these devices and systems drives more and better engagement between stakeholders, we can expect to see overall better security, improved operations, reduced utility consumption, and increased occupant comfort, delivering on the promise of the intelligent building.

A Journey, Not a Destination.

Implementing a successful cybersecurity risk management plan is a cycle that begins with awareness and works through implementation before starting over again. In addition to engaging a qualified third-party expert to help guide you along the way as well as conduct independent assessments, there are two specific steps every company should take now:

1.    Get your IT and OT teams together now

·       Obtain support from top down to address organizational risks

·       Work jointly to identify gaps in security measures

·       Develop a unified cybersecurity policy and mitigation strategies

2.     Know your security posture

·       Document your systems (“You can’t manage what you don’t know”)

·       Assess vulnerabilities and risks for your systems and existing protective security measures

·       Conduct regular checkups to reassess posture and assess corrective measures

Coleman Wolf, CPP, CISSP, is the security services studio leader at global engineering and technology firm ESD. He has over 20 years of experience in security management as a security designer and consultant. Coleman is an ASIS Certified Protection Professional (CPP), a Certified Information Systems Security Professional (CISSP), and is an active member of the ASIS Security Architecture and Engineering Council.

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : ContractorMag – https://www.contractormag.com/smart-buildings-homes/article/21269661/is-your-smart-building-an-easy-target-for-hackers

Tags: ‘Smartbuildingbusiness
Previous Post

ABC Opposes OSHA’s Improve Tracking of Workplace Injuries and Illnesses Final Rule

Next Post

Erica Levasseur

May 15 – Ecology proposes new updates to help industry transition to clean semi-trucks – Washington State Department of Ecology (.gov)

Ecology Unveils Exciting New Updates to Accelerate the Shift to Clean Semi-Trucks!

May 28, 2025
Earth’s core is ‘leaking’ gold, study finds – Live Science

Unlocking Earth’s Secrets: New Study Reveals Gold is ‘Leaking’ from the Core!

May 28, 2025
Reading Science Center awarded $175,500 Neighborhood Assistance Tax Credit to double education space – Berks Weekly

Reading Science Center Secures $175,500 Tax Credit to Expand Educational Space!

May 28, 2025

Want to Live Long? Lifestyle Matters More Than Genes – Time Magazine

May 28, 2025
This City Was Named the World’s Fastest-growing Wealth Hub With 156 Centimillionaires and 22 Billionaires – Travel + Leisure

This City Was Named the World’s Fastest-growing Wealth Hub With 156 Centimillionaires and 22 Billionaires – Travel + Leisure

May 28, 2025
Five Things We Learned About…The Creator Economy From D&AD Festival – Creative Salon

Unlocking Insights: Five Key Takeaways on the Creator Economy from D&AD Festival

May 28, 2025
New Portland entertainment venue to begin construction in June – KGW

Exciting New Entertainment Venue Set to Break Ground in Portland This June!

May 28, 2025
Can domestic financing solve the global health funding crisis? – Devex

Can domestic financing solve the global health funding crisis? – Devex

May 28, 2025
Brian Hughes to become NASA Chief of Staff – Florida Politics

Brian Hughes Takes the Helm as NASA’s New Chief of Staff!

May 28, 2025
MSE, DXC Technology expand tech partnership – Sports Business Journal

MSE, DXC Technology expand tech partnership – Sports Business Journal

May 28, 2025

Categories

Archives

May 2025
MTWTFSS
 1234
567891011
12131415161718
19202122232425
262728293031 
« Apr    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (647)
  • Economy (660)
  • Entertainment (21,567)
  • General (15,246)
  • Health (9,702)
  • Lifestyle (663)
  • News (22,149)
  • People (662)
  • Politics (668)
  • Science (15,883)
  • Sports (21,167)
  • Technology (15,648)
  • World (648)

Recent News

May 15 – Ecology proposes new updates to help industry transition to clean semi-trucks – Washington State Department of Ecology (.gov)

Ecology Unveils Exciting New Updates to Accelerate the Shift to Clean Semi-Trucks!

May 28, 2025
Earth’s core is ‘leaking’ gold, study finds – Live Science

Unlocking Earth’s Secrets: New Study Reveals Gold is ‘Leaking’ from the Core!

May 28, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version