Accepting that our physical systems have become very attractive to hackers and criminal gangs is the first step to doing something about it. PSI caught up with Mike Gillespie of Advent IM to discuss the cyber risks for networked security systems
The growth of networked and web enabled equipment we use is only ever going to increase and as buildings get smarter and the need to manage them smartly, more pronounced, the potential for attack increases. Understanding the threat is where we need to start and this has to be through good quality education, training and knowledge sharing.
Installing equipment securely has to be a baseline requirement, and explaining best practice to end users may help them build the management of those systems into their own configuration and change management regimes. More and more facility managers are finding themselves dealing with IT professionals and IT security professionals, owing to the nature of the equipment they are expected to manage now.
Whilst everyone’s role includes the need to protect assets and people, the language we use can sometimes be a big stumbling block. It may be worth talking to communications teams to find glossaries or other content that will help in daily interactions and help to mitigate the risk from poor communication and the cracks in security it creates.
It seems you cannot open a security publication these days without being reminded of the growing threat from cyberspace. So, our systems, both information and physical, are under attack and how we rise to meet the growing challenge is a constant source of both headline and speculation.
The changing nature of the threat and the sneaky and malicious nature of cyber criminals means that not only do we need to be certain of our own next steps, but that we are in step with our fellow professionals. Collaboration across disciplines to ensure we are contributing to a culture of genuine resilience. How this works in practice is up to individual businesses and organisations, but the stakes have never been higher.
- In 2013, the Haifa Tunnel – the main arterial road into Tel Aviv was shut down after its camera surveillance system was attacked. The shutdown lasted over eight hours and caused chaos that lasted for days. It had been noted that in June of the same year, areas of Israeli critical national infrastructure had also been attacked. The attacks included water, banks, trains and electricity. These attacks were caught by efficient monitoring and thwarted before harm could be done.
- In Washington DC, four days before President Trump’s inauguration 75% of the surveillance camera DVR capability was crippled by two ransomware attacks. This forced the DC police to rebuild the systems from scratch, a massive challenge given the timing.
- But perhaps vying for top ‘audacious’ billing must be the bank heist case that as yet is not fully solved. In more than 36 countries worldwide, bank CCTV systems were hacked in order to track movements and behaviour of staff with key accounts, to enable mimicking of their behaviour on those accounts at a future date without arousing suspicion. The information gathered was used as part of a huge heist which saw the attackers create millions in dollars, add them to targeted accounts (identified via surveillance cameras as best targets) and then withdrawn in cash from hacked ATMs into the hands of the gang members. The gang, named ‘Carbanak’, are yet to be fully discovered and the investigation – along with the activity, has yet to be completed.
If you think you are not working with systems that this would happen to, remember that in 2014, literally thousands of webcams and surveillance cameras were hacked and then live-streamed across the world. These were things like ‘nannycams’ and home CCTV systems. All were installed insecurely with default username and password settings, allowing ease of access to over 76,000 cameras. They could have been in a college, school or leisure centre, we don’t know the full extent. The common factor was insecure installation and resulting lack of management.
Nowadays, if you work in security, you have a cyber security element to your role, to some degree or another. How successful you are in that area, will depend on how well trained you are and how collaborative your approach is. For make no mistake, the future of successful building management and security systems, will be all about collaboration.
As we move forward, criminals are creating more sophisticated malware and recent news from global cyber seminars would appear indicate that researchers, also known as ‘white hats’, showcased ransomware (designed to extort the user by encrypting their systems until a ransom is paid) that is specifically for physical systems. This means potentially an entire building, its contents and inhabitants could be held to ransom. If white hats can write it, you can guarantee that black hats can too. If we are not on the front foot and prepared for this eventuality, the potential for harm increases with each new discovery.