Smart Buildings – nearly 40 percent of systems attacked by malware
On 19th September 2019, Kaspersky published a report on cybersecurity threats in Smart Building systems. Four out of ten computers used to manage building systems fell victim to a malware attack in the first half of 2019. Infection attempts most often occurred via the Internet, mobile devices, and e-mails.
Building Management Systems (BMS) are specialised computer systems installed in Intelligent Buildings. Their task is to ensure the proper and effective operation of the most crucial building subsystems, including ventilation and elevator management, lighting control, and supervision of access control, CCTV, and fire protection systems.
Direct connection of building systems to the Internet without due care for cybersecurity, together with configuration errors and possible software vulnerabilities, has caused increased hacker interest in recent years.
Based on data collected from 40,000 cybersecurity solutions for Smart Building systems implemented by Kaspersky around the world, the ICS-Cert Kaspersky team has prepared a report summarising the current cyber threats.
37.8% of computers from building systems were affected by a malware attack in the first half of 2019
Percentage of Smart Building systems in individual countries for which malware was blocked in the first half of 2019
Despite a large number of malware attacks on building systems, the report’s authors concluded that in many cases, the attacks were not prepared specifically for Smart Building systems. It should be borne in mind that even “typical” malware found in the IT industry may pose a threat to the availability and operation of a BMS.
The consequences of installing malware on workstations or servers may be:
- loss of access to data, or loss of the data itself, if the data is encrypted (ransomware),
- theft of confidential data, including authorisation data (in the case of spyware),
- blocking access to services (DoS or DDoS).
European countries at the forefront of countries affected by attacks on BMS systems
Kaspersky's analysis of identified threats by geographical location shows that the main targets of attacks are systems operating in Europe and in the largest economies of the world (China, India, USA, Brazil). The report shows that the higher the level of development of IT systems and Smart Building systems, the more emphasis should be placed on cybersecurity issues.
Percentage of Smart Building systems in individual countries for which malware has been blocked, data for the first six months of 2019
TOP10 countries in terms of number of systems attacked
Similar sources of attacks for Smart Building and industrial systems
Comparison of attack sources for Smart Building systems and ICS, first six months of 2019
Comparing the results of reports on attacks, we can see that cybersecurity threats for Intelligent Buildings and industrial systems have a similar scale, and the most common methods of infection attempts are almost identical. Using corporate e-mail and portable memory on computers in the building network, and exposing numerous operator interfaces to the Internet, are more common in building systems than in industrial ones.
Attacks by type of malware used
Percentage share of particular types of malware in attacks on Smart Building systems, first six months of 2019
The presented data show the growing problem of cybersecurity threats for the real estate market. With technological development, the Smart Building industry is becoming more attractive to attackers, and the sources of threats are comparable to those known from industrial systems (ICS).
A disadvantage of Smart Building systems may be the possibility of infection from many directions: the Internet, the internal network, engineering stations, computers, or remote connections used by integration and service companies.
The characteristics of the industry require action to secure systems against both the threats that any computer or IT device can encounter and attacks directed against resources and functionality specific to Smart Building systems.
What could be the consequences of an attack on Smart Building systems? I encourage you to read the article: Cybersecurity for Smart Building – the issue of liability