Smart building technologies open to cyber attacks

The recent trend in big household digital corporations such as Evernote, TweetDeck and Feedly being held to ransom by Internet hackers has been undeniably concerning. However, an even more potentially serious problem is that many businesses have no real appreciation of how vulnerable they are to such an cyber attack. 

BMS and Building Controls I.T

When we think of digital technology and internet devices, it’s common to think of computers, phones, tablets and countless other tech based products, but don’t forget about buildings! 

Businesses are slowly moving towards integrated, web-enabled technologies that control everything from heating and lighting to elevators and door locks. Whilst these technologies are great for streamlining, automating and simplifying business procedures and processes, consider a cyber attack shutting down your building’s infrastructure. In addition to the obvious security breach, in most cases staff would need to be sent home, and depending on the size of the company, this could result in losses of thousands or even millions of pounds.

Building control is also evolving to embrace new technologies, with a strong focus on moving away from the human hand to digitally automated systems. It is now time to start viewing buildings and offices as part of a businesses’ overall I.T. infrastructure, not just as a bricks and mortar location. While connected buildings that use the cloud and IP networks to more efficiently control building operations are not new, there are new security precautions that need to be implemented to prevent intruders.

When Google’s Australian office was hacked at the back end of 2013, this should have served as the wakeup call for the smart buildings. Two security researchers exposed Google’s vulnerable building management system for its Wharf 7 office. By going through the Tridium Niagara AX platform, the researchers gained access to blueprints of the building and enabling them to take control of “active overrides,” “active alarms,” “schedule,” and much more. Luckily this wasn’t a malicious attack, but it certainly highlighted the potential for a damaging security breach.

Once a hacker has made their way into a Building Management System (BMS), it becomes relatively easy to access multiple building controls, as was the case for Google. Automation systems that are set up on the same network as corporate and administrative systems put companies at increased risk.

The answer:

The solution to preventing cyber attacks is not disconnecting your building from the cloud, but for the industry and end users to become more educated about potential security risks, an have a contingency plan in place.

With all businesses and industries heavily involved in the use of technology, teething pains and glitches are to be expected. However there needs to be a monumental mind shift to appreciate that in reality buildings should now be considered an IT concern. 

It should be noted that the big Cyber Security breaches that make the press are not always reflective of the industry as a whole, but they do provide a good lesson. When selecting automated system for any modern building, security must be a top factor.

Utilising the cloud is not something businesses should be afraid of, with predicted adoption and usage showing  a steady increase. A lack of education creates fear, which is why as the intelligence of our buildings increases, there is also a need for us to increase our intelligence of how systems within our buildings operate.

For over 30 years, buildings have represented some of the world's biggest robotics systems. The benefits of this explosion in automation have been deep and numerous and further benefits are now becoming a reality. However, without a serious focus on cyber security, the risk of losing those 30 years of progress and missing out on the next wave of advances, is very real.

   Click here to visit our BMS jobs page.