One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 1093968 |
| Date de publication | 2019-04-17 13:00:00 (vue: 2019-04-19 10:04:23) |
| Titre | Siegeware and BAS attacks, an emerging threat |
| Texte |
As technological solutions to cybercrime become increasingly advanced, able to preempt attacks and weed out vulnerabilities before they’re widely known, attackers also become more adept at cloaking their presence and concealing their intent.
The targets of attacks also change with the times. Hacking websites and bank accounts is old-hat, some of the most threatening dangers to the most modernized companies and even citizens are those that target technology that doesn’t yet have the robust security systems, or even standards, in place.
It’s sad, but well known that the average consumer doesn’t spend a lot of time worrying about whether the firmware on their IoT devices is up-to-date, leaving millions of devices around the world critically vulnerable to attack. However, you would be forgiven for assuming that companies implementing centralized control of a building’s life support functions such as HVAC, fire security, doors and windows, etc. along with more convenience focused building automation systems, would prioritize cyber security. This is not always the case, and can lead to a potentially disastrous situation for the homes and organizations that implement Building Automation Systems (BAS) and the companies that manufacture, install, and maintain them.
Siegeware and BAS attacks
When attackers combine ransomware with BAS vulnerabilities, we get Siegeware. The attacker takes control of a building and shuts down critical operations such as heating, cooling, alarm systems, and even physical access, and will only rescind control once a ransom has been paid.
Gaining access to the BAS means the attacker becomes the digital overlord of the building. By controlling the automated system that governs the functionality of the building, they control the building itself. They can turn off ventilation, heating, fire suppression systems, and potentially extend influence to other digital functionality of the building.
The hacker can access seven systems remotely once he hijacks the BAS:
Lighting control systems
Fire detection and alarm systems
Automated fire suppression systems
Integrated security and access control systems
Heating, ventilation, and Air conditioning
Power management and assurance systems
Command and control systems
The consequences of losing control of these systems may range from discomfort to potentially life-threatening situations.
An emerging threat
Siegeware is quickly becoming one of the most dangerous and effective methods of cyber-attack. Many companies have already fallen victim to these attacks, and those that haven’t given in to the ransom demands have faced highly disrupted operations as a result.
BAS allows a single command center to control and automate all connected systems in a building so that a high level of comfort can be achieved efficiently. But vulnerabilities exist in any connected system, and when the network is compromised the prospect of physical danger becomes very real.
With increasing numbers of organizations adopting BAS infrastructures, the number of potential targets rises, along with the time spent by attackers searching for as-yet unknown vulnerabilities. To make things worse, many of these buildings are connected to the internet where anyone with the correct username and password can access it. As of February 2019, there were 35,000 BAS systems connected to the public internet globally, and it’s highly likely that many of these are using defaul |
| Envoyé | Oui |
| Condensat | become the 000 2019 able about access accounts achieved adept adequate adopting advanced air alarm all allows along already also always any anyone appear are areas around aspires assuming assurance attack attacker attackers attacks attempts authentication automate automated automation average bank banks bas bas: based become becomes becoming been before being box building building’s buildings buildings’ but can case center centralized change changes citizens cloaking closely combine comfort coming command companies compromised concealing concept conditioning connected connection consequences considered consumer contractors control controlled controlling convenience cooling correct countless critical critically cyber cybercrime danger dangerous dangers date default demands departments detection determined device devices digital disastrous discomfort discouraged disrupted doesn’t doors down each easier effective effectively efficiently emerging enablers encrypted entirely equipped etc even every exist extend extends face faced factor failed fallen february fire firewall firmware focused following forgiven from functionality functions gaining get given globally governs hacker hacking has hat have haven’t heating here’s high highly hijacked hijacking hijacks home homes hoping hospitals however hvac implement implementing increase increasing increasingly individuals influence infrastructures install integrated intent interface internet iot issues it’s itself known large later lead least leaving level life lighting likely live lockout login losing lot maintain majority make makes management manager manufacture many may means methods might millions minimum: modernized months more most multi mutate necessarily needs network networks not notification number numbers off officer old once one only operations organization organizations other out overlord paid password passwords past physical place possession potential potentially power powerful preempt preferably presence preventing prevents prey prioritize prospect protect provide public quickly range ransom ransomware real remote remotely rescind researchers result rises robust sad scale schools searching secured security see set seven severe shuts siegeware simply single situation situations smart solutions solve some spend spent standards stopped strong such support suppression sure susceptible system systems takes target targets task technological technology terrorism them then these they’re things those threat threatening three through tier time times top turn types unauthorized universities unknown username usernames using utilize utilizes ventilation very victim vpn vulnerabilities vulnerable web websites weed well when where whether widely will windows working world worrying worse would years yet your |
| Tags | Ransomware Threat Guideline |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.