No ghosts in the machine
Imagine a completely automated city, where every building is a living organism, pulsating with electronic systems that regulate everything from energy consumption to the safety of its occupants. In a forgotten corner of this technological landscape, a hacker, thousands of kilometres away, inserts a line of malicious code that spreads like a virus. Within minutes, harmony gives way to chaos, with lifts stopped, lights flashing erratically, and security systems disabled. This scenario is not taken from a science fiction film, but a tangible possibility in the world of building management systems, where cybersecurity is a fundamental element.
Threat Profile for Technical Management Systems
In today’s context, it is crucial to be aware of the threats that can affect critical infrastructures such as energy, medical and other systems. Such threats include ransomware intrusions that can disrupt operations and sensitive data leaks due to outdated software. Denial-of-service (DoS) attacks that can paralyse entire systems, and phishing, which aims to trick individuals into divulging confidential information, as well as attacks targeting poorly protected network interfaces, allowing unauthorised access to control systems. All of this decreases uptime and undermines trust. However, with significant technological advances in incident detection and response, organisations are able to maintain effective control over these risks without cause for excessive alarm. Modern security strategies ensure that most threats are managed proactively and efficiently.
Barriers and Armour: Technologies and Defence Strategies
Implementing robust defences is essential to protecting SGTE. In addition to traditional practices such as firewalls and anti-virus, emerging technologies are being adopted:
- AI-enhanced Detection and Response Systems: These systems use artificial intelligence to detect unusual attack patterns, continuously learning to improve detection. The BrainBox AI technology we use has a Security Scorecard Rating “A” of 97 per cent.
- Integrated Encryption Systems: BACnet Secure Connect (BACnet/SC) is an extension of the BACnet protocol (the global data communications standard for building automation that we use at WiseBuilding) that provides a secure, encrypted communication layer for IP networks in building automation systems. This protocol uses WebSockets and TLS to guarantee peer authentication, message encryption and reliable, connection-orientated communication. With this, BACnet/SC allows devices within building automation systems to establish secure connections, transmitting BACnet messages securely and privately, essential for applications sensitive to cybersecurity issues, on a par with banking applications.
Cyber attacks have significant financial consequences for the organisations affected. For example, the WannaCry ransomware attack cost the UK’s National Health Service more than 100 million dollars, according to data from 2023. In addition, the average cost of a data breach in financial services can reach up to 4.45 million dollars, highlighting the high vulnerability and costs associated with these incidents in critical sectors. ( varonis ).
As far as mitigation strategies are concerned, the adoption of a zero-trust architecture is highly recommended to address the risks arising from remote access and integration with the Internet of Things (IoT), which can create significant vulnerabilities (McKinsey & Company).
Navigating the Future of Cybersecurity
The industry is moving towards a more holistic approach to cybersecurity, which not only responds to incidents, but also anticipates and prevents them. The development of stricter security standards and protocols, along with an integrated security culture, are critical steps for the future.
However, it is crucial to recognise the growing sophistication and frequency of attacks. Studies indicate that more than 40 per cent of industrial systems connected to the Internet have been the target of intrusion attempts in the last two years. What’s more, techniques such as network segmentation have reduced security incidents by 55%, demonstrating the effectiveness of modern defences. The implementation of artificial intelligence and machine learning is also catching on, with forecasts suggesting that 60 per cent of security operations in smart buildings will be automated by 2025, providing faster and more accurate responses to threats.
The evolution of technical management systems brings numerous advantages to building management, but it also increases the responsibility of protecting these systems against threats. Is your building protected?
WiseBuilding® is technically qualified to support any project that includes the integration of GTC/SACE, IoT, automation and energy management systems without ever losing focus on safety. Contact us.
WISEFRAMEWORK is a BACnet B-AWS certified software solution for state-of-the-art integration, control, management and visualization in building automation systems. Designed to redefine the way buildings are operated through an open platform and seamless harmonization between building-generated data by supporting multiple protocols including BACnet, Modbus, KNX, OPC-UA and MQTT. Through the use of Haystack technology, the software also empowers the building for the future at the forefront in the integration of the various technical systems.