Smart buildings targeted in cyber attacks

By Dylan Bushell-Embling
Friday, 10 December, 2021

KNX National Group has warned that its smart building installations are increasingly becoming the subject of cyber attacks.

The company has urged customers and other smart building owners to ensure that if installations are linked to the internet, they use a VPN tunnel for access. This should be backed by the use of strong passwords.

KNX said special attention is needed for installations in public areas, such as those where people are able to wander around without any surveillance. This could leave any wired automation system in this environment vulnerable to attack.

But the company said installations using wireless communication are the number one attack target, and should be supported with additional security functionality.

Another tip for securing smart buildings includes using a VLAN separation between a building’s IP backbone and other IP networks, ensuring that they are accessible only via a suitable firewall.

“These cyber attacks can be easily avoided in the case of KNX installations by ensuring the installation is never directly (without a VPN) accessible via the internet,” the company said in a statement.

“Following heavy investments from both the KNX members as well as the KNX Association, last year and this year tangible KNX Secure products became available. All of these products were submitted to the stringent KNX certification process, during which their conformity to implemented AES128 authentication and encryption mechanisms are put to the test.”

Image credit: ©stock.adobe.com/au/krunja