Smart Buildings Under Siege: Are You Ready for the Siegeware Showdown?

I have to admit, even though it has been around since 2019, this is a new one for me. However, based on the description of #Siegeware, I came to the conclusion that I had seen one firsthand. I have even published articles and done presentations on this incident that required 92 days to recover from ransomware/equipment destruction. After reading the definition, I realized it was a Siegeware attack.

What is Siegeware?

Siegeware is a type of ransomware that specifically targets smart buildings and their control systems. In a siegeware attack, cybercriminals gain control over a building's critical systems, such as heating, ventilation, air conditioning (HVAC), lighting, security, and fire alarms. They then demand a ransom to restore control to the building's owners or operators.

The term "siegeware" reflects the idea of holding a building "under siege" by taking over its automated systems and disrupting its normal operations until the ransom is paid. The first notable discussions about siegeware appeared around 2019.

What Systems are Targeted?

Siegeware attacks on building control systems can take various forms, depending on the specific vulnerabilities and systems targeted. Some common types are:

  • HVAC Control Attacks: Attackers gain control over the heating, ventilation, and air conditioning systems, causing them to malfunction or shut down. This can create uncomfortable or even dangerous conditions for building occupants.
  • Lighting System Attacks: Cybercriminals manipulate the building's lighting systems, turning lights on and off, or causing them to flicker. This can disrupt normal operations and create safety hazards.
  • Elevator Control Attacks: Attackers take control of the building's elevators, causing them to stop working or trapping occupants inside. This can be particularly dangerous in high-rise buildings.
  • Security System Attacks: Cybercriminals disable or manipulate security systems, such as surveillance cameras, access control systems, and alarms. This can compromise the safety and security of the building and its occupants.
  • Power Management Attacks: Attackers disrupt the building's power management systems, causing power outages or fluctuations. This can affect all other automated systems and create significant operational disruptions.

Ransom Demands and Threats

Control Over Systems

Attackers often demonstrate control over building systems to intimidate victims before issuing ransom demands.

Issuing Ransom Demands

Ransom demands typically follow the demonstration of control, pressuring victims to comply to avoid disruption.

Escalation of Threats

If the ransom is not paid, threats may escalate, risking further disruption or making buildings uninhabitable.

Potential Legal Repercussions

Legal Consequences of Attacks

Building owners may face lawsuits and high fines due to siegeware attacks, impacting their financial stability.

Reputational Damage

Attacks can lead to reputational damage, affecting customer trust and long-term business relationships.

Safety Hazards

If siegeware attacks create safety hazards for occupants, building owners may face severe legal liabilities.

Mitigating Siegeware Risks

Employee Cyber Hygiene Training

Training employees on cyber hygiene ensures that they are aware of potential threats and know how to respond appropriately to safeguard company assets.

Investing in Cybersecurity

Investing in cybersecurity measures is crucial to protect building control systems from potential threats and intrusions.

Security Audits

Conducting regular security audits helps identify vulnerabilities in the systems and strengthens overall security posture.

Strong Password Policies

Enforcing strong password policies helps to enhance security and prevent unauthorized access to sensitive information.

Resilience Against Intrusions

Ensuring systems are resilient against intrusion attempts is vital for maintaining the integrity and safety of automation systems.

Conclusion

Risks of Siegeware Attacks

Siegeware attacks can jeopardize the safety of occupants and disrupt business operations, making awareness crucial.

Understanding Attack Methods

Comprehending the techniques used by attackers is vital for enhancing security measures in smart buildings.

Implementing Security Measures

Adopting robust security measures can significantly reduce the risks associated with siegeware attacks and protect occupants.

Jason Christman

CISO | CTO | Brigadier General | P&L Leader | Board Member | Product Security, AI/ML, OT/ICS

1 month

Fred, unfortunately and unless action is taken, siegeware will be a continuing trend, particularly to hold at risk and for ransom facilities that support reindustrialization of America, data centers, hospitals, transportation hubs, food storage, and supply chain exchange points.
