If you have ever read any of 5Q's blogs, LinkedIn posts, attended a webinar or have heard our team members speak at conferences, then you know 5Q preaches a lot about the simple things you must be doing to secure the OT (Operational Technology) networks at your properties. Simple things like changing the default credentials on any system that controls crucial building services, like HVAC, lighting, access control, surveillance, etc. Also, these systems should not have a direct connection to the public internet. There are better and more secure ways of providing access. Are you doing those things? Are you sure your building systems are not open to the internet for everyone to see and attack?
We perform a lot of building cyber security assessments on OT networks. You may be surprised that we continue to see a large number of systems connected directly to the internet with no cyber security, with default or easy to guess credentials allowing anyone to view and control one of these systems.
How and why does this continue to happen? In most cases the vendor and/or building staff need remote access to a system allowing them access from home or another building for after-hours support. In some cases, physical access to a system from inside a building is difficult and a local Wi-Fi device is connected to the OT system inadvertently opening that system to attacks.
How can you determine if one of your systems are open to the internet? Simply browse to the public IP address of your building or properties internet connection. This is the first and most basic test. If a login screen is displayed, your OT system is available to the entire world. Many properties have more than one internet connection and some internet connections have more than one public IP address. To find the right IP address, from a computer on the OT network, browse to https://www.whatismyip.com.
Another item to check is the presence of a firewall between the internet modem or internet connection and your OT systems. The presence of a firewall provides an indication that the OT installer was concerned about cyber-attacks. But the question remains, is the firewall properly configured?
There are many remote access software vendors, some software is free, known as freeware, and others require an annual payment. Freeware is great, but how are you to know that this software is free from cyber defects?
To complicate matters, some paid software versions require MFA while others do not. Can it be integrated to your current MFA? Does this make it too complicated to operate or maintain the system?
To protect your OT systems you need strong audited policies defining how OT systems are securely connected to the internet. You need policies that require vendors to follow basic cyber hygiene such as patching, updating, regular cyber audits and real time cyber monitoring.
5Q’s Cyber division can help you by assessing your current state of cyber security and providing prioritized, proactive steps to get you to a more secure state and keep you there. To learn more about 5Q Cyber's full suite of cyber security services for commercial real estate organizations, visit 5qcyber.com or reach out to us directly at info@5qcloud.com.
Comments