[LINK] First world problem: outsourcing building controls
Jan Whitaker
jwhit at janwhitaker.com
Tue May 7 08:45:47 AEST 2013
Google's offices in Sydney were (are?) hackable, along with evidently
a lot more.
http://www.theage.com.au/it-pro/security-it/australian-google-office-building-hacked-20130507-2j416.html
The story says that most building management systems (security, hvac,
lighting, etc.) are installed and managed by 3rd parties. The
perceptions in the comments are interesting, e.g. Carole:
I worked for an organisation that built a new works plant, with all
of the latest SCADA technology. Controlled through an unencrypted
HTTP data channel. No one except for me cared, and I told it was not
my job to worry about it. As far as I know, it's still vulnerable.
And yeah, these systems could raise and lower gates that would allow
access to the org's assets behind the fence, unlock garage doors on
big sheds storing heavy equipment, and so on.
So here's a risk management question:
If a building is breached and a burglary/damages/worse takes place as
a result of a hacked 3rd party building control system, whose
insurance company bears the cost and to what level?
Jan
Melbourne, Victoria, Australia
jwhit at janwhitaker.com
blog: http://janwhitaker.com/jansblog/
business: http://www.janwhitaker.com
Our truest response to the irrationality of the world is to paint or
sing or write, for only in such response do we find truth.
~Madeline L'Engle, writer
_ __________________ _
More information about the Link
mailing list