BACnet Security Issues and How to Mitigate Cyber Risks
Veridify | The IoT Security Blog
by Harry Ostaffe
2w ago
BACnet is a commonly used protocol for building automation and operational technology (OT) systems, and is used to establish communication between various devices in a network. Because BACnet-based building systems were originally deployed in isolated (air-gapped) environments, BACnet was not designed with security. Therefore, millions of BACnet devices are lacking common security mechanisms such as user authorization, device authentication, and data encryption. This makes BACnet devices inherently unsecure and vulnerable to attacks. BACnet Security Issues and Vulnerabilities Here are several ..read more
Visit website
Improving BACnet/SC with Automated Security Certificate Management
Veridify | The IoT Security Blog
by Veridify Security
3w ago
Managing BACnet/SC security certificates can be a challenging task, especially for large buildings. Just recently at the AHR Expo 2024, we learned of a project that had over 300 devices and the decision was made to use 10-year security certificates due to the multiple days (3-4) of labor needed to deploy BACnet/SC security certificates. The owners didn’t want to pay for the systems integrator go through the effort to manually update security certificates on a regular basis. From a security perspective, using a 10-year certificate is not much better than having no security at all. Fortunately ..read more
Visit website
BACnet MS/TP Security Risks and Vulnerabilities
Veridify | The IoT Security Blog
by Veridify Security
2M ago
What is BACnet MS/TP? BACnet MS/TP (Master-Slave/Token-Passing) is a widely used communication protocol in building automation and control systems. BACnet MS/TP is implemented with a shared bus and one or more building control devices daisy-chained along the wiring from a controller or a BACnet IP router/gateway. BACnet MS/TP Scalability The maximum number of BACnet MS/TP devices allowed is 128 on the same bus. However, the number of devices that can be connected to a single bus depends on various factors including: Baud Rate Cable length Device responsiveness Device type and function In pra ..read more
Visit website
Smart Building Cybersecurity Best Practices
Veridify | The IoT Security Blog
by Harry Ostaffe
3M ago
Understanding Smart Buildings Smart Buildings are structures equipped with a network of interconnected devices, sensors, and systems that collect and exchange data to optimize various aspects of building operations including operational efficiency, sustainability, occupant comfort and experience. These connected components include heating, ventilation, and air conditioning (HVAC) systems, lighting, access control, elevators, life safety, and more. The integration of these systems allows for centralized control and automation, contributing to energy efficiency, cost savings, and improved occupa ..read more
Visit website
AHR Expo 2024 Event Preview
Veridify | The IoT Security Blog
by Veridify Security
3M ago
Veridify Security will be exhibiting at the AHR Expo 2024 in booth S6174. Our demo is getting assembled and being prepared to be shipped to Chicago! Verdify will be exhibiting a live demo of DOME, a building automation cybersecurity platform that protects both new and existing building automation devices.  The newly revised demo platform will showcase: DOME Sentry devices protecting an unprotected building thermostats and controller DOME Sentry device protecting an edge device with BACnet Secure Connect (SC) DOME Client software embedded into an OEM thermostat controller making it inher ..read more
Visit website
The Hack of Marconi’s 1903 Wireless Demonstration
Veridify | The IoT Security Blog
by Harry Ostaffe
3M ago
In the annals of technological history, the year 1903 stands as a pivotal moment in the progression of wireless communication. Guglielmo Marconi, the visionary inventor and pioneer of wireless telegraphy, was set to showcase his groundbreaking technology to the world. Little did he know that this momentous occasion would be marred by an unexpected and audacious act of hacking, revealing the vulnerability of early wireless systems and foreshadowing the challenges of our interconnected future. The Setting: Marconi’s Wireless Revolution At the turn of the 20th century, Marconi’s wireless telegrap ..read more
Visit website
Zero Trust OT Security – Stopping Cyber Attacks on Industrial Control Systems (ICS/OT/SCADA)
Veridify | The IoT Security Blog
by Veridify Security
4M ago
Watch this webinar replay of “Zero Trust OT Security – Stopping Cyber Attacks on Industrial Control Systems (ICS /OT/SCADA)” to learn about applying zero trust security at the device level. This webinar addresses the following topics: ICS cybersecurity standards Existing ICS security approaches Zero Trust and device-level implementation Cybersecurity for existing ICS devices Zero Trust OT Security – Stopping Cyber Attacks on Industrial Control Systems Download the slides (PDF) Learn more about DOME for ICS Contact Us | Request a Demo    The post Zero Trust OT Security – Stopping Cy ..read more
Visit website
How to Conduct a Cybersecurity Risk Assessment for Smart Buildings
Veridify | The IoT Security Blog
by Harry Ostaffe
4M ago
As smart buildings are becoming increasingly prevalent, the integration of advanced technologies into the infrastructure of these structures introduces a myriad of cybersecurity risks. Conducting a comprehensive cybersecurity risk assessment is imperative to identify potential threats, vulnerabilities, and safeguard the integrity of smart building systems. This blog post will explore key steps and considerations involved in conducting a cybersecurity risk assessment for smart buildings. Understanding the Components of a Smart Building Before delving into the risk assessment process, it’s essen ..read more
Visit website
Cybersecurity Awareness Month 2023
Veridify | The IoT Security Blog
by Veridify Security
6M ago
  October is Cybersecurity Awareness Month 2023 and Veridify Security is proud to be a Champion. Here are some great resources to help you stay safe online and respond when a cyberattack occurs. Multi-Factor Authentication Tip Sheet Password Managers Tip sheet Passwords Tip sheet Phishing Tip sheet Software Updates Tip sheet Cyber Survival Guide   For more information and resources, visit StaySafeOnline.org The post Cybersecurity Awareness Month 2023 appeared first on Veridify Security ..read more
Visit website
Share of Worldwide Cyber Attacks by Type 2022
Veridify | The IoT Security Blog
by Harry Ostaffe
6M ago
October is Cybersecurity Awareness Month. While Veridify specializes in cybersecurity for Building Automation, Industrial Controls Systems (ICS/.SCADA), and Critical Infrastructure, we also share in raising awareness for everyone to improve their cybersecurity posture. As the data below indicates, the most prevalent form of cyber crime in 2022 was from phishing attacks. We all see this daily from the deluge of emails that we receive. Most are legitimate, some are caught by spam filters, but some work their way into our inboxes.   Source: Statista – Cyber Attacks by Type The post Sha ..read more
Visit website

Follow Veridify | The IoT Security Blog on FeedSpot

Continue with Google
Continue with Apple
OR