Leveraging operational technology and the Internet of things to attack smart buildings
In recent years, the buildings where we spend most part of our life are rapidly evolving. They are becoming fully automated environments where energy consumption, access control, heating and many other subsystems are all integrated within a single system commonly referred to as smart building (SB)....
Published in: | Journal of Computer Virology and Hacking Techniques 2021-03, Vol.17 (1), p.1-20 |
---|---|
Main authors: | , , |
Format: | Article |
Language: | eng |
Subjects: | |
Online access: | Full text |
container_end_page | 20 |
---|---|
container_issue | 1 |
container_start_page | 1 |
container_title | Journal of Computer Virology and Hacking Techniques |
container_volume | 17 |
creator | dos Santos, Daniel Ricardo ; Dagrada, Mario ; Costante, Elisa |
description | In recent years, the buildings where we spend most of our lives are rapidly evolving. They are becoming fully automated environments where energy consumption, access control, heating and many other subsystems are all integrated within a single system commonly referred to as smart building (SB). To support the growing complexity of building operations, building automation systems (BAS) powering SBs are integrating consumer range Internet of things (IoT) devices such as IP cameras alongside operational technology (OT) controllers and actuators. However, these changes pose important cybersecurity concerns since the attack surface is larger, attack vectors are increasing and attacks can potentially harm building occupants. In this paper, we analyze the threat landscape of BASs by focusing on subsystems which are strongly affected by the advent of IoT devices such as video surveillance systems and smart lighting. We demonstrate how BAS operation can be disrupted by simple attacks on widely used network protocols. Furthermore, using both known and 0-day vulnerabilities reported in the paper and previously disclosed, we present the first (to our knowledge) BAS-specific malware which is able to persist within the BAS network by leveraging both OT and IoT devices connected to the BAS. Our research highlights how BAS networks can be considered as critical as industrial control systems and security concerns in BASs deserve more attention from both industrial and scientific communities. Even within a simulated environment, our proof-of-concept attacks were carried out with relative ease and a limited amount of budget and resources. Therefore, we believe that well-funded attack groups will increasingly shift their focus towards BASs with the potential of impacting the lives of thousands of people. |
doi_str_mv | 10.1007/s11416-020-00358-8 |
format | Article |
publisher | Paris: Springer Paris |
rights | Springer-Verlag France SAS, part of Springer Nature 2020 |
fulltext | fulltext |
identifier | ISSN: 2263-8733 |
ispartof | Journal of Computer Virology and Hacking Techniques, 2021-03, Vol.17 (1), p.1-20 |
issn | 2263-8733 2263-8733 |
language | eng |
recordid | cdi_proquest_journals_2493118015 |
source | Springer journals; Alma/SFX Local Collection |
subjects | Access control ; Actuators ; Automatic control ; Building automation ; Building management systems ; Computer Science ; Control systems ; Cybersecurity ; Energy consumption ; Energy management ; Industrial electronics ; Internet of Things ; Malware ; Original Paper ; Protocol (computers) ; Smart buildings ; Subsystems ; Surveillance systems |
title | Leveraging operational technology and the Internet of things to attack smart buildings |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-07T17%3A35%3A47IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Leveraging%20operational%20technology%20and%20the%20Internet%20of%20things%20to%20attack%20smart%20buildings&rft.jtitle=Journal%20of%20Computer%20Virology%20and%20Hacking%20Techniques&rft.au=dos%20Santos,%20Daniel%20Ricardo&rft.date=2021-03-01&rft.volume=17&rft.issue=1&rft.spage=1&rft.epage=20&rft.pages=1-20&rft.issn=2263-8733&rft.eissn=2263-8733&rft_id=info:doi/10.1007/s11416-020-00358-8&rft_dat=%3Cproquest_cross%3E2493118015%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2493118015&rft_id=info:pmid/&rfr_iscdi=true |