Wednesday, February 6, 2019

Facilities Manager Alert: Your Smart Building May Start Doing Dumb Things

Researchers at enterprise security vendor ForeScout have warned that malware specifically targeting smart buildings is an inevitable next step given the rapidly expanding attack surface that building automation systems expose.

The operational technology researchers at ForeScout should know: they created proof-of-concept malware that revealed smart building vulnerabilities every business should be concerned about.

...just yesterday, Tenable Research revealed it had discovered several zero-day vulnerabilities in a premises access control system used by Fortune 500 companies. Among the many attack scenarios these vulnerabilities could facilitate was 'unfettered access to the badge system database' which in turn meant an ability to create fraudulent access badges and disable building locks. more