Easy for malicious disruption of smart buildings

Industry 4.0 / IOT
Thursday, 19 September 2019

Rise of the Machines: Transforming Cybersecurity Strategy for the Age of IoT, is a new report that investigates how surveillance cameras, smart lights, and other Internet of Things (IoT) devices within smart buildings could be attacked by cyber criminals and how to mitigate those attacks. 

Elisa Costante, Sr. Director of Forescout Research Labs, said, “Today’s connected world is made up of billions of devices that use a myriad of operating systems and network protocols to exchange data across industries and boundaries. We created Forescout Research Labs to explore the security implications of this hyper-connected world and research the associated threats and risks coming from these devices.” 

To demonstrate the cyber risks of a smart building, Forescout Research Labs set up a real-world smart building environment containing video surveillance, smart lighting, and other IoT devices, and analysed how an attacker could obtain initial access to this network and some of the attacks they could implement for each subsystem. 

The research highlights the following findings: 

• Many IoT devices, including surveillance cameras, are set up by default to communicate over unencrypted protocols, allowing for traffic sniffing and tampering of sensitive information. 


The lab demonstrated how sensitive information could be tampered with using surveillance cameras commonly used by enterprises. Researchers successfully replaced a network video recorder’s footage with previously recorded fake content. 

• Compromising the video surveillance system is an example of a cyber-physical attack. 

• A search on Shodan pulled up nearly 4.7 million devices that could be potentially impacted by using these unencrypted protocols. 

“We are at the forefront of the IT/OT convergence that brings massive benefits to enterprises, but unfortunately it also comes with an increased level of cyber risk,” said Costante. 

Forescout Research Labs says it can leverage unique insights and data gathered from the Forescout Device Cloud, which the company says is one of the world’s largest crowdsourced device repositories and now contains more than 10 million devices from nearly 1,200 customers who share anonymised device insights.    

Publishing Information
Magazine Issue:
Demm Engineering & Manufacturing September 2019
Page Number:
29
Related Articles
Affordable sensors plus bearings and GenAI support predictive maintenance
Tuesday, 01 October 2024
According to PwC, 70 percent of CEOs worldwide believe Generative AI (GenAI) will significantly transform the way their companies create, deliver and capture value. That includes manufacturers, who...
more»
Responding swiftly to natural disasters
Tuesday, 20 August 2024
Remote telemetry systems are more essential than ever for protecting critical infrastructure.
more»
Remote telemetry systems are more essential than ever for protecting critical infrastructure
Tuesday, 13 August 2024
Natural disasters are on the rise. According to figures by the United Nations and World Meteorological Organisation, the last 50 years have seen a five-fold increase in environmental catastrophes....
more»