To raise security awareness, researchers spent months hacking mock building systems

[InfoSec News <alerts () infosecnews org>]

https://www.cyberscoop.com/raise-security-awareness-researchers-spent-months-hacking-mock-building-systems/

By Sean Lyngaas
CyberScoop
JAN 15, 2019

Security experts have in recent months warned that building-automation lags 
behind other critical infrastructure sectors when it comes to awareness of 
cyberthreats and appreciation of their potential impact. Now an 18-month 
research project, which tested malware and exploits on gear made by top 
vendors, is trying to change that.

"In the 18 months that we’ve been working on this, we’ve engaged with a lot of 
stakeholders from the domain," Elisa Costante, a senior director at ForeScout 
Technologies, told CyberScoop. "And now we really see that the reception has 
changed and everybody has realized the impact can be actually more critical" 
than many realized.

After all, she said, the building-automation sector doesn’t just mean office 
buildings, but also includes hospitals, airports, and other critical 
infrastructure.

ForeScout researchers assembled a lab of building-automation equipment, threw 
their custom malware at it, and then documented how effectively their code 
manipulated the gear. The project culminates Tuesday, when Costante will 
present her team’s work at the S4 Conference in Miami Beach, an annual 
pilgrimage for industrial control system gurus.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_