Researchers expose how hackers can hide in smart buildings undetected
Security researchers demonstrated that automated building systems can be fooled into creating false or missing activity logs, potentially allowing intruders to operate invisibly. The findings raise serious concerns for crime scene investigations, workplace security, and facility managers relying on sensor data to track building occupancy and detect unauthorized access.
Originaltitel: The ghost in the building: Non-invasive spoofing and covert attacks on automated buildings
<p>Sensor and actuator event log analyses within the context of digital forensics are crucial for understanding events in automated buildings, such as in a building automation and control system (BACS) or a home automation system (HAS). Conclusions drawn from erroneous, misleading, or corrupted log data may adversely affect crime scene investigations and reconstructions. This work aims to raise awareness of the potential risk of misinterpretation due to corrupted or tampered data from BACS or HAS event log systems.</p><p>A series of non-invasive sensor and actuator attacks on such systems was designed and conducted to determine the feasibility of: 1) injecting spoofed pyroelectric infrared (PIR) and carbon dioxide (CO<sub>2</sub>) sensor event log records, 2) becoming invisible to PIR sensor and CO<sub>2</sub> sensors, and 3) mimicking the behaviour of an actuator with the aim of injecting spoofed event log records. The study also concludes that sensor fusion can reveal activities that were concealed from CO<sub>2</sub> sensors. Furthermore, this work discusses the adversarial perspectives in the cyber-physical (CPS) domain in relation to these findings.</p>