Updated: Aug 8
Article Written By: Julius Caten
Do you know what Operational Technology (“OT”) and IoT networks, end point devices and internet connections are in your building?
· BMS systems
· Access Control Systems
· Camera Systems
· Cellular gateway (backup internet connection)
· Temperature monitoring
· Tenant amenities
Can one of these unknown device or network connections be a gateway for Ransomware or other malicious software? Or could one of these systems be a gateway to corporate networks and databases?
Are vendors sharing login credentials among their technicians that service the buildings systems? Many vendors create a single username and password for the BMS system in a building and then share that login with all their technicians. What happens if one of those technicians is terminated and angry; could the building system be a target of that anger?
Is one of the major building systems connected directly to the internet without a firewall? Even today, many BMS', Access Control Systems and Camera System Servers are connected directly to the internet with no firewall to help isolate them from the internet.
There is a list of major building systems across the US that are connected to the internet without a firewall. This list is open to the internet. Is one of your building systems in that list? Attackers do not even have to find you, they look at this list and go after your system with Ransomware, DDOS attack, or just breaking in to disrupt daily operations.
5Q Cyber has encountered all of these scenarios and guided their clients through the process of correcting these types of issues. Let us help you answer these questions, visit 5qcloud.com/5q-cyber to learn more or email us at firstname.lastname@example.org.