Fighting hackers with hackers: fortifying smart buildings from attack
What secrets are our buildings telling on us? And how can companies protect themselves from hackers? Philip Ross suggests a self-attack strategy could help
Growing awareness of data security has led to people fiercely protecting their personal information and digital footprint. Yet while people generate new impenetrable passwords and celebrate the introduction of GDPR, they are unaware that the thing closest to them may be leaking the most intimate information.
Passively sat in the pockets of our jeans, at the bottom of our handbags and on the table by our beds are our mobile devices, drinking in the personal information we share with them and invisibly exhaling it out again. Glenn Wilkinson, a self-proclaimed ‘good’ hacker, demonstrated to the audience at Smart Buildings 18, a spin off conference of the WORKTECH event series, how ready and willing our mobile devices are to give up personal information without our knowledge.
Quietly sat at the back of the conference, Wilkinson used a small antenna on a piece of kit to collect data points from the phones of the audience members to learn the places we had visited in the past six months. When it was his turn to address the conference, he displayed a world map with red pins showcasing where we had visited. And there it was – a trail of red pins mapping my every location in the past six months, on screen for everyone to see.
This was a rude awakening into how vulnerable we, as workers and consumers, are to security breaches from the very thing we trust most: our phones. And if we, as individuals, are under attack from our own devices, what does this mean for companies who are investing millions of pounds into hyper-connected digital smart office buildings?
Attacking ourselves to stay safe
While most organisations are lauding the emergence of an integrated ecosystem of smart devices to improve employee experience and productivity, there is also sense of foreboding. As the surface area of connected devices continues to grow, the threat of hackers piercing into sensitive and secret data also grows. If our own smart phones are telling tales on us, what about the smart offices we work in?
‘Digital surface areas are growing, and so is our vulnerability…’
But it isn’t all doom and gloom. The solution simply lies at the very source of the problem – with the hackers. As digital webs evolve, so do the hacker’s capabilities. New systems and developments need to be constantly probed and tested by ‘good’ hackers to highlight weak spots within the smart building ecosystem. Companies that hide behind the digital fort of a smart building would be well advised to launch a self-attack strategy that enlists the help of hackers to infiltrate the system. Once hackers have found their way in, companies need to work on updating and developing new software to erase the threat.
This same principle applies to the emergence of smart cities. Perhaps the biggest digital surface area yet, smart cities face the biggest risk from hackers. An insignificant street light or traffic light could provide a seamless route for a hacker to access the heart of an organisation’s central control system in a connected smart city.
In the wake of smart technology, companies are forced to be smarter. Smart buildings and cities are well on the way to shaping the future of work and the workplace, and it is something that needs to be welcomed and championed rather than feared. Companies need to be vigilant and fortify their workplaces effectively because not every cyber-attack is proactive, hackers could be casually lurking on the periphery and simply collecting data seeping through the walls of the office. Fighting the hacker’s fire with fire ? – now there’s a good idea.