“HVACking” – Vulnerabilities in Building Control Systems

While taking control of HVAC sounds interesting, taking control of alarms would be a goldmine for hackers. HVACking: Remotely Exploiting Bugs in Building Control Systems.

Security researchers have found a zero-day vulnerability in a popular building controller used for managing various systems, including HVAC (heating, ventilation, and air conditioning), alarms, or pressure level in controlled environments.

To be able to turn off alarms from 10 PM until 5 AM on the evening you are going to break in. Physical access to a building lets hackers do so much more than they can do from outside the company. Not to mention that at least some people are going to have written their passwords on a post-it note.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.