I Own Your Building (Management System)

Acrobat I Own Your Building (Management System)
Author/Researcher: Gjoko Krstic & Sipke Mellema
Source: https://applied-risk.com

Introduction: Not many people have noticed that the modern buildings have changed into industrial control systems. By embedding IP-based technologies throughout the buildings and by connecting sensors, controllers and supervisory software, building owners enjoy a low-cost management of their assets, with minimal staffing. Building Management Systems (BMS) monitor and control a building’s internal environment. They are used in various sectors, such as commercial, banking, industrial, medical, and even residential.

Unfortunately, it is observed that these panels are often accessible from the Internet, enabling also malicious parties to access the administrator’s dashboard. Multiple deployments of BMS solutions remain susceptible to basic cyber security
attacks, such as command injection, file uploads or privilege escalation. The execution of these attacks enables an unauthenticated attacker to access and manipulate doors, elevators, air-conditioning systems, cameras, boilers, lights, safety alarm systems in an entire building. Read More

10 Steps to Cyber Security

Acrobat 10 Steps to Cyber Security
Author/Researcher: National Cyber Security Centre
Source: https://www.ncsc.gov.uk
Overview: Defining and communicating your Board’s Information Risk Regime is central to your organisation’s overall cyber security strategy. The National Cyber Security Centre recommends you review this regime – together with the nine associated security areas described below, in order to protect your business against the majority of cyber attacks. Read More