In an increasingly connected world, the threat
posed by cybercriminals will extend further than ever before – the
Internet of Things (IoT) is shaking things up. It’s no longer about computers or smartphones being
at risk – any object, any ‘thing’ that is powered by a computer and/or
connected to the internet, is a target. This can be seen in modern cars. Less than a
generation ago, it was have been unthinkable that these modes of transport
could be hacked.
However, as WeLiveSecurity has
reported, this is very real – cars, along with other ‘non-computer’
things, such as toys, are vulnerable to cyberattacks.
The discussion – and the threat – is widening
it seems, with a recent BBC News feature highlighting the fact that buildings
are increasingly susceptible to cybercrime.
In the report, it is estimated that the number of
connected buildings, including hospitals, research facilities and even churches
– in the world number around 50,000. Worryingly, 2,000 of these are thought to
have no password protection in place.
Even organizations like Google, known for being
proactive in boosting the security of the web, are not immune to this threat,
as an incident revealed in 2013.
Two white-hat security researchers from the US managed to hack into the building management system of an
office belonging to the tech giant in Sydney, Australia.
While this was just a test, actual cyberattacks to
buildings are “happening all the time”, explained Martyn Thomas, a professor of
IT at Gresham College in the UK, in the BBC’s report.
Andrew Kelly, principal security consultant at
defence company Qinetiq, shares this assessment, stating that specific types of
cyberattacks – especially ransomware
– are “on the horizon”.
And Mr. Kelly is concerned about the state of play
today. His research into smart buildings, for example, was a revelation, with
building management systems found to be most at risk. “In all cases, pretty much without fail, these
systems had been procured without thought to how to make them secure. I was
absolutely shocked,” he told the broadcaster. “We saw systems installed with default passwords
where it would be a trivial exercise for someone remotely to gain access.”
http://www.welivesecurity.com/2016/04/20/buildings-risk-cyberattacks/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+eset%2Fblog+%28ESET+Blog%3A+We+Live+Security%29