https://www.cyberscoop.com/raise-security-awareness-researchers-spent-months-hacking-mock-building-systems/
By Sean Lyngaas
CyberScoop
JAN 15, 2019
Security experts have in recent months warned that building-automation lags
behind other critical infrastructure sectors when it comes to awareness of
cyberthreats and appreciation of their potential impact. Now an 18-month
research project, which tested malware and exploits on gear made by top
vendors, is trying to change that.
"In the 18 months that we’ve been working on this, we’ve engaged with a lot of
stakeholders from the domain," Elisa Costante, a senior director at ForeScout
Technologies, told CyberScoop. "And now we really see that the reception has
changed and everybody has realized the impact can be actually more critical"
than many realized.
After all, she said, the building-automation sector doesn’t just mean office
buildings, but also includes hospitals, airports, and other critical
infrastructure.
ForeScout researchers assembled a lab of building-automation equipment, threw
their custom malware at it, and then documented how effectively their code
manipulated the gear. The project culminates Tuesday, when Costante will
present her team’s work at the S4 Conference in Miami Beach, an annual
pilgrimage for industrial control system gurus.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
