Building automation vulnerable to hacks

September 2019 News, Cyber Security

Critical Internet-connected smart building devices used in countless commercial and industrial properties, have been found to be vulnerable to a new malicious attack, according to cybersecurity researcher Bertin Bervis.

The vulnerability exploits the properties in the building automation protocol (Bacnet) which enables technicians and engineers to monitor, change and remotely control of a wide range of key smart systems that impact temperature control, and other monitoring systems. Bervis analysed several building automation devices with built-in web applications for remote monitoring and control. They were disclosed to manufacturers who didn’t respond.

The research ‘Mixing industrial protocols with web application flaws in order to exploit devices connected to the Internet’ was presented at the DEF CON IoT Village, organised by security consulting and research firm Independent Security Evaluators.

The attacker is able to maliciously modify the system’s web application code by injecting JavaScript code in the Bacnet device, abusing the read/write properties from the Bacnet protocol itself. The code is stored in the Bacnet database, helping the attacker to achieve persistence on browser devices that are used in building environments or industrial facilities that connect via BACnet.

The web applications allow malicious code modification in specific elements taken directly from the protocol level user interaction and protocol level database information changes, which means any data change performed directly from protocol interaction can modify pieces of code in the whole web application in a persistent way.

“Remote attackers can jump from that point to another using this technique to steal sensitive information from technicians or engineers who interact directly with the infected devices,” Bervis says. “It opens a new door for remote attacks without touching or interacting with the web application in those devices. The attacker only needs an insecure building automation protocol to modify the data.”

Bervis is an independent cybersecurity researcher from Costa Rica. His research is focused on Internet-connected devices and industrial protocols and is focused on analysing web servers in the wild and exploiting their vulnerabilities.

IoT Village is a security research community that brings together the brightest minds from security researchers, product manufacturers, solution providers, and academics in order to collaborate on solving the security challenges that plague IoT. It consists of many programming elements: talks, exploit demos, zero-day hunting contests, capture the flag style contests, and other hacktivities.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

TAPA: The role of an effective treasury function in business risk management
June 2019, Technews Publishing , News
Neil Le Roux, the Founder of Diligent Advisors will speak at the TAPA SA (Transported Asset Protection Association) annual conference on 26 July 2019.

Read more...
Platforms are us
September 2019, Technews Publishing , News
A conversation I had at the recent Residential Estate Security Conference Hi-Tech Security Solutions hosted in August (which will be reviewed in the October issue) got me to thinking about the security ...

Read more...
TAPA conference 2019 explores layered approach to security
September 2019, Technews Publishing, TAPA (Transported Asset Protection Association) , News, Transport (Industry)
The Transported Asset Protection Association (TAPA) held its annual South African conference at Emperors Palace in Johannesburg on 26 July 2019.

Read more...
Hennie Lategan joins Centurion as head of exports
September 2019, Centurion Systems , News, Access Control & Identity Management
Centurion Systems has announced the appointment of Hennie Lategan as the head of the company’s exports department.

Read more...
New Africa sales manager for Axis Communications
September 2019, Axis Communications SA , News, CCTV, Surveillance & Remote Monitoring
Axis Communications has appointed Brendon Hall, previously the founder and MD of Pentagon, as its new sales manager, Africa.

Read more...
Check Point appoints new regional director for Africa
September 2019 , News, Cyber Security
Check Point Software Technologies has appointed Pankaj Bhula as regional director for Africa.

Read more...
ISO standard for protecting personal data
September 2019 , News, Cyber Security
Tackling privacy information management head on: first ISO standard for protecting personal data has been published.

Read more...
Hikvision helps secure African Union Summit
September 2019, Hikvision South Africa , News, CCTV, Surveillance & Remote Monitoring
Hikvision established a complete intelligent video solution to ensure the security of the thirty-third African Union (AU) Summit held on 7 July in Niamey, the capital of Niger.

Read more...
The hunt for the Carbanak group
September 2019 , Editor's Choice, Cyber Security, News
Tomorrow Unlocked has released a free four-part documentary that tells the story of the notorious Carbanak APT group and its $1 billion bank heist.

Read more...
Rockwell Automation a founding member of ISA Global Cybersecurity Alliance
September 2019 , News, Industrial (Industry)
To better secure today’s complex and often vulnerable production operations, the ISA Global Cybersecurity Alliance recently announced Rockwell Automation as a founding member.

Read more...