Facility Managers Must Ensure Building Systems Are Not The Weak Link For Cyber Attacks
A string of high-profile cyber attacks on buildings through 2020 have continued to highlight the vulnerabilities of smart building technology. A cyber-attack on a US maritime facility targeted cameras and physical access control systems. A ransomware attack on Richmond Community Schools in Michigan gained access to the IT network via heating and cooling systems. Researchers from Singapore University of Technology and Design identified 12 vulnerabilities which impact devices running on the Bluetooth Low Energy (BLE) protocol.
These news stories reflect that the explosion of networked devices and connected systems in buildings has been opening up the exposure of businesses to hackers. The problem is if hackers can exploit building systems, they can manipulate the building’s assets or gain access to private business data. For example, in 2020, hackers have been breaking into building access control systems made by Nortek Security & Control and downloading malware which turns the system into a distributed denial-of-service (DDoS) bot. Cyber breaches can hurt a firm’s brand reputation, tenant retention in buildings and stakeholder confidence.
With cyber risk gaining heightened visibility, building managers need to prioritize cybersecurity in their technology selection process. In the Verdantix 2019 global corporate survey, 88% of respondents already noted improving cybersecurity for building operational systems as a priority over the next 12 months. In the 2019 global real estate asset manager survey, 54% of respondents rated cybersecurity risks as either a very significant or significant source of risk for their clients’ portfolios over the next five years.
Facility directors should work alongside IT executives to run vulnerability assessments on internet-connected operational systems such as BMS or HVAC before purchase. Global building technology vendors Honeywell, JCI, Schneider Electric and Siemens should also continually educate buyers about their services for keeping their buildings systems secure. For example, in 2019, Honeywell released Honeywell Forge Cybersecurity Platform to improve cybersecurity for asset-intensive business.
For more insights into how to smartly upgrade your building infrastructure to support energy efficiency, resiliency and asset management read our report Best Practices For Energy Management In An Era Of Smart Buildings.