Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Cylance. Show all posts

Vulnerability lets Hacker to access Building Control System of Google's Australian office


Earlier this year, Security Researchers Billy Rios and Terry McCorkle from Cylance demonstrated a newly discovered zero-day attack on the Industrial control system at the Kaspersky Threatpost Security Analyst Summit.

The Industrial control system is a computer-based system used to control electronic door locks, lighting systems, elevators, video surveillance camera, electricity and boiler system via the internet - used by the military, hospitals and others

The researcher noted the security flaw in the Tridium Niagara AX Framework allows a hacker to access the sensitive file of the system, "config.bog" file which contains username and password for all devices.

Their research reveals the Internet giant Google using Tridium Niagara for various Building Management Systems in their Google Wharf 7 building is also affected by this zero-day vulnerability.

Although Tridium has released a patch for the system, Google's fails to patch the vulnerability which allowed the researchers to access the config.bog file of Tridium device used by the Google.

The credentials stored in the config.bog file allowed them to get into the admin panel of the device.  The panel gave access to a variety of Building Management features including "Active Alamrs", "Active overrides", "Alarm console".

Researchers reported this issue to the Google Vulnerability Rewards Program (VRP).

The researchers stated more than 25,000 of building using the Tridium Niagara AX system that haven't patched the security hole are vulnerable to hack.

"If Google can fall victim to an ICS attack, anyone can." Researcher noted.