Menu
Cimetrics
0
  • Home
  • Products
    • BACstac BACnet Stacks
    • BACnet MS/TP, B/IP & B/SC Routers
    • High-Density B/SC Diagnostic Hubs & Site CA
    • BBMD in a Box
    • Secured by Cimetrics™
    • BACnet Modules
    • BACnet Metering Gateways
    • BACnet Web Services
    • BACnet Explorer
    • Request Product Information
  • Services
    • For Building Owners
    • For Product Developers
    • For Facility Managers
    • Request Technical Support
  • About
    • About Cimetrics Video
    • Management
    • Vision
    • History
    • Our Technology
    • Our Customers
    • Case Studies
    • Career Opportunities
    • Terms & Conditions
    • Privacy Policy
  • Contact Us
    • Contact Us
    • Request Product Information
    • Request Technical Support
    • Security Center
    • Do not sell my personal information
    • Product Return Policy
    • Limited Hardware Warranty
  • Blog
  • Sign in
  • United States (USD $)
  • Your Cart is Empty
Cimetrics
  • Home
  • Products
    • BACstac BACnet Stacks
    • BACnet MS/TP, B/IP & B/SC Routers
    • High-Density B/SC Diagnostic Hubs & Site CA
    • BBMD in a Box
    • Secured by Cimetrics™
    • BACnet Modules
    • BACnet Metering Gateways
    • BACnet Web Services
    • BACnet Explorer
    • Request Product Information
  • Services
    • For Building Owners
    • For Product Developers
    • For Facility Managers
    • Request Technical Support
  • About
    • About Cimetrics Video
    • Management
    • Vision
    • History
    • Our Technology
    • Our Customers
    • Case Studies
    • Career Opportunities
    • Terms & Conditions
    • Privacy Policy
  • Contact Us
    • Contact Us
    • Request Product Information
    • Request Technical Support
    • Security Center
    • Do not sell my personal information
    • Product Return Policy
    • Limited Hardware Warranty
  • Blog
  • Translation missing: en.general.country.dropdown_label

  • 0 0

What can we learn from the Target data breach?

February 21, 2014

The Target data breach is far from unique, but the amount of attention and expert analysis it has received should provide an excellent learning opportunity for the building automation community.

It has been widely reported that the initial victim of the attack against Target was a company that provides mechanical services to Target. According to KrebsonSecurity, it appears that the initial attack was via email. You have probably seen email messages that try to entice you into clicking on a link or opening an email attachment; in fact, I receive many such email messages every day, most of which are from people that I know well. However occasionally I receive a message that was constructed with the purpose of attacking the PC (or other device) that I am using to read the message. Such an email might have an attachment containing malware or a link to a web site that will attempt to install malware on my device. Hopefully my antivirus software will protect me, but antivirus software will not catch everything, so I need to be careful about what links I follow and what email attachments I open.

Let's assume that one day I slip up and my antivirus software does not save me, with the result that malware is installed on my PC. Depending on the nature of the malware, the "bad guys" behind the attack on my PC may now have access to my PC, which means that they may be able to use my PC to access or attack other systems.  They might also install a keystroke logging program that can be used to record passwords (and other sensitive information) that I type.

Automation Systems and the Internet

If you are in charge of your organization's building automation system, you might have asked yourself whether the system's operator workstations should be allowed to be used for e-mail or visiting web sites. I have come to the conclusion that in general, operator workstations should not have internet access and should not be used for email. This is especially true if the operator workstation performs an essential function, such as alarm management or collecting important trend data.  Although building operators and service personnel that use the operator workstations have legitimate reasons to access the Internet, access can be provided using other devices that are not connected to the building automation system.

More broadly, I believe that a strong case can be made for creating isolated networks for building automation systems. By that, I do not mean 100% physical isolation with dedicated wiring. And there is still a strong case for allowing service providers limited remote access to the building automation systems, although this comes with some risk that must be carefully managed.

In the case of Target, it appears that attackers used a service provider's access to one Target system in order to attack other systems. That service provider's credentials to access the Target system were most likely stolen following the initial successful attack. The attackers then exploited other weaknesses in Target's systems in order to ultimately gain access to credit card records.

The Target data breach illustrates the risk of allowing service providers remote access to any of your systems. When you do a risk assessment, a good assumption is that your service providers' systems will be compromised at some time in the future.  However, for most organizations, the benefits of allowing remote access can be pretty compelling, and therefore the question will be how to manage the risk.  Your organization's IT staff have relevant expertise, so it is time to get to know them better.

A Shameless Plug for our Services

Cimetrics works with several organizations that have large and complex networked automation systems. If you work for such an organization in the U.S. or Canada, we may be able to help you to solve your network-related problems and to develop standards for your automation networks. We are particularly well known for our expertise in BACnet, and we have considerable experience working with IT departments in large organizations. Please contact us for additional information.

Recommended Reading

Mary Jander's blog post Target Breach: A Warning for 'Dumb' Smart Buildings, and KrebsOnSecurity's blog posts on the Target data breach.

  • Share:

Leave a comment

Comments will be approved before showing up.


Also in Cimetrics News

April 2025 company news
April 2025 company news

May 01, 2025

BACnet User Group June 12, Energy Optimisation with Analytika, April Cybersecurity news, Cybersecurity course from BACnet international and more...

Read More

Cybersecurity news April 2025
Cybersecurity news April 2025

April 29, 2025

CISOs band together to urge world governments to harmonize cyber rules, What To Know About AI, Cybersecurity And Compliance Framework, New Bill Mandates Cybersecurity Overhaul for Federal Contractors and more...

Read More

March 2025 company news
March 2025 company news

April 01, 2025

Why BACstac/DN is the Best Choice for BACnet Development, AI-Ready Buildings, Analytika became a Qualified Service Provider for the New York area and more...

Read More

Follow

Sign up to get the latest on sales, new releases and more…

© 2025 Cimetrics.
Powered by Shopify

American Express Diners Club Discover Mastercard Shop Pay Visa