Building Automation Systems Are a Breeding Ground for Siegeware
have the following, at the very minimum:
- Up-to-date firmware
- Firewall
- Encrypted connection
- Preferably, VPN-only access from the building’s IP
- Strong passwords
- Multi-factor authentication
- Lockout on failed password attempts
- Notification of login attempts
If remote access to a BAS is vulnerable in even one of these areas, it’s susceptible to being hijacked. Implementing at least three authentication types (password, possession, IP) can discourage unauthorized access, but will not necessarily stop a determined attacker entirely.
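To make the checklist concrete, here is an added example (not code from this article or from any BAS vendor) of a login gate that combines the three factors named above with lockout and per-attempt notification. The `LoginGate` class, the address range, the password, and the TOTP key are all constructed for illustration.

```python
import hashlib, hmac, ipaddress, struct, time

# Constructed sample values; a real deployment loads these from protected storage.
ALLOWED_NET = ipaddress.ip_network("203.0.113.0/24")  # assumed building/VPN egress range
MAX_FAILURES, LOCKOUT_SECONDS = 5, 900
SALT = b"constructed-salt"
PW_HASH = hashlib.pbkdf2_hmac("sha256", b"correct horse battery staple", SALT, 200_000)
TOTP_SECRET = b"constructed-totp-key"

def totp(secret, now, step=30, digits=6):
    """RFC 6238 TOTP (HMAC-SHA1): the possession factor."""
    mac = hmac.new(secret, struct.pack(">Q", int(now) // step), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class LoginGate:
    def __init__(self):
        self.failures = 0
        self.locked_until = 0.0
        self.notifications = []  # stand-in for e-mail/SMS to the building operator

    def attempt(self, src_ip, password, code, now=None):
        now = time.time() if now is None else now
        result = self._check(src_ip, password, code, now)
        self.notifications.append((now, src_ip, result))  # notify on every attempt
        return result

    def _check(self, src_ip, password, code, now):
        if ipaddress.ip_address(src_ip) not in ALLOWED_NET:  # IP factor
            return "denied:ip"
        if now < self.locked_until:  # lockout is checked before any credential
            return "denied:locked"
        pw = hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 200_000)
        ok = hmac.compare_digest(pw, PW_HASH)  # constant-time comparisons
        ok &= hmac.compare_digest(code.encode(), totp(TOTP_SECRET, now).encode())
        if ok:
            self.failures = 0
            return "granted"
        self.failures += 1
        if self.failures >= MAX_FAILURES:
            self.locked_until = now + LOCKOUT_SECONDS
            self.failures = 0
        return "denied:credentials"
```

The gate reports the same result whether the password or the code was wrong, so a failed attempt does not reveal which factor to keep guessing. A production gate would also reject reuse of a TOTP code within its time step.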
In the case of smart homes and IoT devices, one has to make sure that all connected devices utilize security that prevents any unauthorized access. The security of the controlling BAS box, in this case, extends to each and every physical device controlled through the network.
The concept of a smart home, of top-tier technology that aspires to increase convenience and comfort, becomes one of the most powerful enablers of cyber terrorism. Here’s hoping that those companies and individuals implementing BAS into buildings will be working closely with IT departments and security researchers to protect our buildings’ critical support systems.
Joe Robinson is a data privacy and cyber security writer who loves to analyze and debate anything related to tech and ethics. See more of Joe’s work at VPNTeacher, a site dedicated to keeping you safe online and your data secure.
This guest blog is part of a Channel Futures sponsorship.