In the wake of this month’s global cyberattack, perpetrated by ransomeware called WannaCry, companies around the world are strengthening their efforts to secure their data and avert costly breaches.
A growing wave of malicious attacks have cost major retailers, banks, insurance companies and more billions of dollars in lost business, stock value, legal settlements, data recovery and security costs. Hackers continue to find new and unexpected virtual “back doors” to enter, and one of the latest concerns is commercial real estate.
“Hackers have and will infiltrate building systems, from the lighting to the HVAC to modems and routers,” said JLL Managing Director Steve Pollard, leader of the Multi-site Project and Development Services team. “Fortifying these systems needs to be a top priority for commercial real estate executives and IT professionals.”
Potential building systems vulnerable to infiltration:
- Lighting controls (interior and exterior/signage)
- Surveillance and observation (cameras and recorders)
- Water heaters (boilers) and HVAC (mechanical systems)
- PDU/CDU (smart power strip)
- Security access (card/fob/proximity readers, biometric readers, electrical locks, controllers, smart lock boxes, keyless entry)
- Security/intrusion alarms (alarms, alarm panels, switches, DMP alarm receivers)
- CO/CO2/refrigerant monitors
- Communications (intercom, elevator)
- Elevator (controllers, workstations, isolated servers)
- Irrigation (ex. sump pump)
- Power (monitoring, metering, UPS)
- BMS Network Connected Systems
- Modems, Routers, LANs, etc.
Building systems have quickly joined the Internet of Things, making for smooth, connected operations but exposing properties and their data to online vulnerabilities. What can you do to protect your facilities?
“When we work with clients to strengthen their portfolio’s security, we begin with an inventory and/or survey of existing web-enabled devices,” said Pollard. “We have boots on the ground nationally to efficiently execute this detailed, on-site work, and we’ve surveyed thousands of sites for large corporate clients.”
After auditing existing systems, JLL works with clients’ commercial real estate and IT departments to create a long-term action plan, install software updates, remediate or replace insecure hardware and install other safeguards as needed.
Not unlike averting personal computer attacks, it comes down to common sense. Update, backup, beware, repeat. But with the thousands of sites our clients have both nationally and globally, it pays to have your own small army of professionals staying vigilant and fighting back.