Collaborate Disseminate
The media got their collective knickers in a twist this week with the news that Wyoming is banning the sale of electric vehicles in the state. Headlines like that certainly …read more Continue reading Hackaday Links: January 22, 2023
The first half of 2020 saw decreases in attacks on most ICS sectors, but oil/gas firms and building automation saw upticks. Continue reading Industrial Cyberattacks Get Rarer but More Complex
In a world of hackable things, protocols in surveillance cameras sometimes get overlooked. The cameras used in commercial buildings aren’t necessarily a priority for researchers looking for the next big intrusion, and the devices are often seen as one-dimensional targets that only yield the data they collect. But that misses the point of how a camera can be a gateway to other devices in a building. Hacking an internet-connected camera could give an attacker a pathway to a device controlling physical access to a facility, for example. That concern prompted researchers at Forescout Technologies to dissect surveillance cameras in their test lab in the Netherlands. What they found were widely used cameras using weak communication protocols to transmit data over unencrypted channels. The researchers were able to carry out a “man-in-the-middle attack,” which intercepts and manipulates data, to replace footage recorded by the camera with their own. Altering security footage at an airport, for example, could be […]
The post Camera obscura: Researchers say weak protocols are Achilles’ heel of surveillance cameras appeared first on CyberScoop.
A year ago, cybersecurity researchers at Trend Micro who were tinkering with home-automation systems in their spare time decided to make a formal project out of it. One of the researchers invited the others to hack his smart home in Germany and see what they could find out about the underlying protocols used in it. They quickly discovered that not only was the system susceptible to manipulation, but it was also ill-equipped to detect it. The owner of the home found himself moving from room to room, trying to figure out why his lights and window blinds weren’t working. Stephen Hilt, a senior threat researcher at Trend Micro, had inadvertently carried out a denial-of-service attack on devices running on a popular building-automation protocol in the house. The researchers knew where the attack was coming from — Hilt was using a software-defined radio to jam the devices, flooding them with noise — but they didn’t realize how effective it would be. “That was […]
The post By hacking one of their own homes, researchers want to open a window on IoT security appeared first on CyberScoop.
Security experts have in recent months warned that building-automation lags behind other critical infrastructure sectors when it comes to awareness of cyberthreats and appreciation of their potential impact. Now an 18-month research project, which tested malware and exploits on gear made by top vendors, is trying to change that. “In the 18 months that we’ve been working on this, we’ve engaged with a lot of stakeholders from the domain,” Elisa Costante, a senior director at ForeScout Technologies, told CyberScoop. “And now we really see that the reception has changed and everybody has realized the impact can be actually more critical” than many realized. After all, she said, the building-automation sector doesn’t just mean office buildings, but also includes hospitals, airports, and other critical infrastructure. ForeScout researchers assembled a lab of building-automation equipment, threw their custom malware at it, and then documented how effectively their code manipulated the gear. The project culminates Tuesday, when Costante will present her team’s work […]
The post To raise security awareness, researchers spent months hacking mock building systems appeared first on CyberScoop.
Continue reading To raise security awareness, researchers spent months hacking mock building systems
Building Robotics Inc., better known as Comfy, raised $12 million in Series B funding for building automation software that helps companies save energy on office air conditioning while gathering employee-contributed data about the use and occupancy of a workspace.
Emergence Capital led the investment, joined by real estate services company CBRE and Microsoft Ventures.
According to company… Read More Continue reading Comfy raises $12 million for app to end office thermostat wars