Almost 40% of computers used to control smart building automation systems were subject to some kind of malicious attack in the first half of 2019, according to a recent study conducted by global cybersecurity specialist Kaspersky.
This study concluded that while it is unclear if such systems were deliberately targeted, they often become a destination for various generic threats. Despite not being sophisticated, many of these threats may pose significant danger to everyday smart building operations, Kaspersky said.
“Smart building automation systems typically consist of sensors and controllers used to monitor and automate the operation of elevators, ventilation, climate controls, electricity and water supplies, fire alarms, video surveillance, access controls and many other critical information and security systems. These systems are generally managed and controlled via generic workstations, which are often connected to the internet,” Kaspersky said in a release. “A successful attack against such a workstation can easily result in the failure of one or several critically important smart building systems. Based on analysis of telemetry processed by around 40 thousand randomly chosen Kaspersky security solutions, deployed at smart buildings around the world, cyberattacks that could cause such damage are a reality.”
Out of the 37.8% of protected smart building systems management computers that were targeted, more than 11% were attacked with different variants of spyware, which is malware aimed at stealing account credentials and other valuable information. Worms were detected on 10.8% of workstations; 7.8% received phishing scams, and 4.2% encountered ransomware.
According to the study, most of these threats came from the internet, with 26% of infection attempts being web-borne. Removable media, including flash sticks, external hard drives and others, were responsible for the threats in 10% of cases; another 10% of threats came via email links and attachments. Also, 1.5% of smart building computers were attacked from sources within the organization's network, such as shared folders.
Kaspersky’s report showed that Italy had the highest percentage of attacked smart building computers, with 48.5%, followed by Spain (47.6%), the U.K. (44.4%), Czech Republic (42.1%) and Romania (41.7%).
“While these figures are relatively low in comparison to the wider threat landscape, their impact should not be underestimated. Imagine if credentials from a highly secured building are stolen by a generic piece of malware and then sold on the black market. Or a sophisticated building’s life support system is frozen because essential processes have been encrypted by yet another ransomware strain. The list of possible scenarios is endless. We urge security teams, whose area of responsibility covers IT networks of smart buildings, not to forget that they need protection,” said Kirill Kruglov, security researcher at Kaspersky ICS CERT.