Cyber Security and Smart Buildings

Modern smart buildings are equipped with a multitude of interconnected systems and devices, including HVAC (heating, ventilation, and air conditioning), lighting, access control, and surveillance systems, which rely heavily on the Internet of Things (IoT) technology. These systems are designed to optimize building performance, reduce energy consumption, and enhance occupant comfort. However, their widespread adoption and integration into building infrastructures pose significant cybersecurity risks.

One of the major security concerns associated with smart buildings is their extensive attack surface, which provides a plethora of entry points for threat actors to exploit. Cybercriminals can gain unauthorized access to sensitive information stored in one system by exploiting vulnerabilities in another system. As more and more building automation systems are being integrated with other systems used in companies and their infrastructures, it is becoming increasingly difficult to distinguish between them, leaving more cyber holes unmonitored.

The use of insecure industrial protocols is another vulnerability that attackers take advantage of to disrupt smart building operations. Building automation systems commonly rely on open protocols such as BACnet and LonWorks, which are not inherently secure and have their own vulnerabilities. Attackers can easily access the documentation needed to develop commands to disrupt the operations of controllers and other devices, posing a significant threat to the building’s overall security.

As buildings become more distributed and complex, cyberattacks on smart buildings are becoming more sophisticated, with attackers targeting the cyber-physical equipment that controls building systems. This is especially concerning as more building complexes are being supervised from a central location, making them more vulnerable to large-scale cyberattacks.

The security impact of cyberattacks on smart buildings extends beyond the building itself. As more cities and communities adopt smart city infrastructures, cyberattacks on smart buildings can have a significant impact on the security of the entire ecosystem, posing a risk to users and the wider community. As such, it is critical for building owners and operators to take proactive measures to secure their systems and devices against potential cyber threats.

To protect smart buildings from cyberattacks, several measures need to be implemented, including:

Segregating networks and systems: Building owners and operators should isolate critical systems and networks from other networks that are not essential to the operation of the building. This helps prevent attackers from gaining access to sensitive information and systems.

Conducting regular vulnerability assessments: Regular vulnerability assessments and penetration testing can identify vulnerabilities in building systems and address them before they can be exploited by attackers.

Implementing strong access controls: Strong access controls, such as multi-factor authentication, can help prevent unauthorized access to building systems and data.

Keeping systems up-to-date: Regular software updates and patching can help address known vulnerabilities and keep systems secure.

Educating staff: Staff should be trained on cybersecurity best practices, including how to identify and report suspicious activity.

Debanuj De, Vice President at Trisim Global Solutions, a company with focus on Smart Buildings and Smart Cities, emphasizes the importance of proactive measures to secure smart buildings: “Building owners and operators need to take a holistic approach to cybersecurity. They should consider the entire building infrastructure, including IoT devices, and implement layered security controls to detect and prevent cyber threats. It’s also important to regularly review and update security policies and procedures to stay ahead of evolving threats.”

Examples of cyberattacks on smart buildings include the Target data breach in 2013, where attackers gained access to the company’s network through its HVAC system. In 2019, a smart building in Finland was hacked, and attackers were able to manipulate the building’s heating system, causing it to overheat and create a fire risk. These incidents highlight the need for robust cybersecurity measures to protect smart buildings from potential cyber threats.

In 2020, a hotel in India was hit by a ransomware attack that affected its building automation system. The attackers demanded a ransom to restore access to the system, which controlled the hotel’s lighting, heating, and air conditioning. This incident demonstrated the potential impact of cyber attacks on smart building systems and the importance of having strong cybersecurity measures in place. Additionally, in 2021, a cybersecurity researcher discovered multiple vulnerabilities in a building automation system used in Indian smart cities. The vulnerabilities could have allowed attackers to gain unauthorized access to sensitive information and take control of critical building systems, highlighting the need for regular vulnerability assessments and security testing to identify and address potential vulnerabilities.

Endpoint protection: CrowdStrike’s Falcon and TrendMicro’s Apex One provide advanced endpoint protection for building automation systems, IoT devices, and other endpoints in smart buildings. Similarly, Palo Alto Networks’ Cortex XDR and McAfee’s MVISION Endpoint use machine learning and behavioral analytics to identify and block cyber threats in real-time.

Cloud security: Smart buildings often rely on cloud-based services for data storage and management. CrowdStrike’s Falcon and TrendMicro’s Cloud One provide cloud security and protect against cloud-based threats such as data breaches and unauthorized access. Similarly, Palo Alto Networks’ Prisma Cloud and McAfee’s MVISION Cloud provide advanced cloud security.

Threat intelligence: All four companies offer advanced threat intelligence services that can help smart building operators stay ahead of emerging threats. They provide real-time insights and alerts on potential threats, as well as guidance on how to respond and mitigate risks.

Vulnerability management: CrowdStrike’s Falcon and TrendMicro’s Deep Security offer automated scanning and patching tools that can help identify and manage vulnerabilities in smart building systems and devices. Similarly, Palo Alto Networks’ Prisma Cloud and McAfee’s MVISION Vulnerability Management can help address vulnerabilities before they can be exploited by attackers.

Network Visibility: NMS from companies like Motadata can provide real-time monitoring, analysis, and management of the network infrastructure in smart buildings. It can detect unusual network behavior, segment the network, ensure compliance with security policies and regulations, and manage device and application configurations. By leveraging such software, smart building operators can improve their network visibility, control, and security posture.

Certifications and Compliance Standards to ensure Cybersecurity for Smart Buildings

When selecting smart building technologies, it is important to adhere to and emphasise on choosing sensors, cameras, controllers, and other network equipment that comply with cyber security standards and guidelines like:

UL 2900: UL 2900 is a certification program for the cybersecurity of products and systems. It covers multiple areas, including network-connected devices, industrial control systems, and critical infrastructure.

ISO 27001: ISO 27001 is an international standard that outlines the requirements for an information security management system (ISMS). It covers areas such as risk management, access controls, and incident management.

IEC 62443: IEC 62443 is a series of standards for the security of industrial automation and control systems (IACS). It covers areas such as network security, system development, and incident management.

NIST Cybersecurity Framework: The NIST Cybersecurity Framework is a set of guidelines and best practices for managing cybersecurity risks. It covers five core functions: identity, protect, detect, respond, and recover.

GDPR and CCPA: The General Data Protection Regulation (GDPR) governs the protection of personal data. It’s important to ensure that smart building technologies comply with these regulations to protect the privacy of building occupants.

All leading OEMs like Schneider Electric, Siemens and Honeywell comply to the above standards.

Sourish Dey, Director at Trisim Global Solutions, emphasizes that while the use of advanced technologies and software is crucial in securing smart buildings, training and awareness of operators are equally important. Many cyber attacks are initiated through social engineering techniques, such as phishing, where attackers target employees to gain access to the network. Therefore, it’s essential to train operators on how to recognize and respond to cyber threats, such as suspicious emails or links, and how to follow security protocols in case of a security incident. With regular training and awareness programs, operators can become the first line of defense against cyber threats in smart buildings.


(Posted by the Administrator)

Leave a Reply

%d bloggers like this: