The Institution of Engineering and Technology (IET) has warned about risks related to modern Internet-connected buildings and launched new guidelines to help owners protect their assets against hackers.
The Code of Practice, 'Cyber Security in the Built Environment', offers practical advice on effective cyber-security management practices to protect building management and information systems from the growing risk of cyber-attacks.
“Failure to address cyber security risks could have as dire consequences as neglecting health and safety, such as serious injury or fatality, disruption or damage to building systems and loss of use of the building,” said Hugh Boyes, IET Cyber Security Lead and author of the Code of Practice.
“It’s tempting to think that hackers attacking buildings and their operating systems are the reserve of science-fiction movies, but these kinds of attacks are already starting to happen in real life. Hackers have attacked building management systems governing heating, ventilation and air-conditioning systems.”
The premise for the Code of Practice is that building owners, operators and occupiers need to understand cyber security and promote awareness to a building’s stakeholders. This includes giving appropriate briefing to the design, construction and facilities management teams. The Code of Practice also covers personnel security advice as today’s building management must also consider threats from disgruntled staff or contractors.
“While hacker attacks of this kind remain relatively rare, building owners and managers can’t afford to be complacent,” Boyes said.
Buildings are becoming increasingly complex and dependent on the extensive use of information and communications technologies, which in turn makes them more likely to be targeted by various cyber criminals.