"Lights Out: Cyberattacks Shut Down Building Automation Systems"
A building automation engineering firm located in Germany suffered a cyberattack that locked it out of the Building Automation System (BAS) it had constructed for an office building client, resulting in loss of contact with hundreds of BAS devices, such as light switches, motion detectors, shutter controllers, and more. The company found that three-quarters of the BAS devices in the office building system network had been locked down with the system's own digital security key, which the attacker had taken control of. The attack forced the firm to revert to manually flipping central circuit breakers on and off to control the building's lights. According to Thomas Brandstetter, the co-founder and general manager of Limes Security, whose security firm was contacted by the engineering firm, the BAS devices were bricked: they had been wiped to the point that they had no additional functionality. Limes Security was able to retrieve the hijacked Bus Coupling Unit (BCU) key from the memory of one of the bricked devices, which required creative hacking. The engineering firm was then able to reprogram the BAS devices and run the building's lighting, window shutters, motion detectors, and other systems again.

However, this incident is not an anomaly, as Limes Security has been receiving other reports of similar attacks on BAS systems running on KNX, a BAS technology widely used in Europe. Another engineering firm in Europe experienced a similar type of attack on a KNX BAS system that also locked it out. The common theme among these attacks is that many of the professionals who install and manage BAS systems are not involved in IT or security team operations. BAS systems are instead often handled by engineers and building management firms, with IT and security teams rarely crossing paths with BAS operations.
This article continues to discuss the cyberattack against the German building automation engineering firm that resulted in the loss of contact with BAS devices, other similar attacks on BAS systems, and a common security gap associated with such systems.
Dark Reading reports "Lights Out: Cyberattacks Shut Down Building Automation Systems"