Easy for malicious disruption of smart buildings

Industry 4.0 / IOT
Thursday, 19 September 2019

Rise of the Machines: Transforming Cybersecurity Strategy for the Age of IoT, is a new report that investigates how surveillance cameras, smart lights, and other Internet of Things (IoT) devices within smart buildings could be attacked by cyber criminals and how to mitigate those attacks. 

Elisa Costante, Sr. Director of Forescout Research Labs, said, “Today’s connected world is made up of billions of devices that use a myriad of operating systems and network protocols to exchange data across industries and boundaries. We created Forescout Research Labs to explore the security implications of this hyper-connected world and research the associated threats and risks coming from these devices.” 

To demonstrate the cyber risks of a smart building, Forescout Research Labs set up a real-world smart building environment containing video surveillance, smart lighting, and other IoT devices, and analysed how an attacker could obtain initial access to this network and some of the attacks they could implement for each subsystem. 

The research highlights the following findings: 

• Many IoT devices, including surveillance cameras, are set up by default to communicate over unencrypted protocols, allowing for traffic sniffing and tampering of sensitive information. 


The lab demonstrated how sensitive information could be tampered with using surveillance cameras commonly used by enterprises. Researchers successfully replaced a network video recorder’s footage with previously recorded fake content. 

• Compromising the video surveillance system is an example of a cyber-physical attack. 

• A search on Shodan pulled up nearly 4.7 million devices that could be potentially impacted by using these unencrypted protocols. 

“We are at the forefront of the IT/OT convergence that brings massive benefits to enterprises, but unfortunately it also comes with an increased level of cyber risk,” said Costante. 

Forescout Research Labs says it can leverage unique insights and data gathered from the Forescout Device Cloud, which the company says is one of the world’s largest crowdsourced device repositories and now contains more than 10 million devices from nearly 1,200 customers who share anonymised device insights.    

Publishing Information
Magazine Issue:
Demm Engineering & Manufacturing September 2019
Page Number:
29
Related Articles
Police tactical vest: IoT and AI to enhance safety on operations
Wednesday, 27 March 2024
The innovative connected tactical vest project uses artificial intelligence (AI) for its abnormal-situation detection system and can transmit this warning to a command centre via the Internet of...
more»
What Manufacturers Need to Know About Securing IIoT Data
Wednesday, 28 February 2024
As more companies continue to embrace the Industrial Internet of Things (IIoT), hackers are paying close attention. IoT devices, used to exchange and convey sensitive data have become prime targets...
more»
Callaghan Innovation announces extension of Industry 4.0 demonstration network
Wednesday, 21 February 2024
Callaghan Innovation has today announced the expansion of the Industry 4.0 nationwide showcase, with the addition of the LMAC Group as partner. The LMAC Group has built a new mobile showcase...
more»