International. According to new research from Kaspersky, nearly four in ten (37.8%) computers used to control smart building automation systems were affected by malicious attacks in the first half of 2019.
The results indicate that while it is unclear whether such systems were deliberately targeted, they often become an endpoint for several generic threats that present significant implications for smart building operations.
Based on the analysis of telemetry processed by approximately 40,000 randomly chosen Kaspersky security solutions implemented in smart buildings around the world, it is clear that smart building cyberattacks are a reality. Smart building automation systems typically consist of sensors and controllers used to monitor and automate the operation of elevators, ventilation, electricity and water supplies, access controls, and many other critical information and safety systems. These systems are usually managed and controlled by generic workstations that are often connected to the Internet, and a successful attack can easily result in the failure of one or more critically important smart building systems.
Of the 37.8% of protected smart building system management computers that were attacked, more than 11% were attacked with different variants of spyware, a type of malware aimed at stealing account credentials and other valuable information. Worms were detected on 10.8% of workstations, 7.8% received phishing scams, and 4.2% found ransomware.
The majority of threats come from the internet, with 26% of infection attempts born on the web. Removable media, including USB sticks and external hard drives, were responsible in 10% of cases and another 10% faced threats via email links and attachments. 1.5% of smart building computers were attacked from sources within the organization's network, such as shared folders.
"While these figures are relatively low compared to the broader threat landscape, their impact should not be underestimated," said Kirill Kruglov, security researcher at Kaspersky ICS CERT. "Imagine if generic malware steals the credentials of a highly secure building and then sells it on the black market, or a sophisticated building's life support system freezes because essential processes have been encrypted by another strain of ransomware. The list of possible scenarios is endless. We urge security teams, whose area of responsibility encompasses smart building IT networks, not to forget that they need protection. Even a basic solution will provide benefits and defend the organization against potentially devastating attacks."
Leave your comment