Attacks were launched against building automation systems in several Asian organizations to gain access to more secure areas of their networks. They used Microsoft Exchange vulnerabilities known as ProxyLogon. The ProxyLogon attack can be used against unpatched mail servers running Microsoft Exchange Server 2013, 2016, or 2019 that are set up to receive untrusted connections from the outside world. This enables threat actors to execute commands on unpatched, on-premises Exchange Servers. The threat actors used this to access even more secure areas of the network, allowing them to collect previously protected data and information that is likely damaging to the company.
Principal, Tom Shircliff, Vice President of Client Services Andy Schonberger, and Director of Cybersecurity, Fred Gordy Will Be Speakers At 2022 Realcomm IBcon
Tom Shircliff, Andy Schonberger, and Fred Gordy will speak at this year’s Realcomm IBcon commercial real estate conference in Orlando June 15-16. The event will center around the theme of “the Intersection of Commercial and Corporate Real Estate, Technology, Automation and Innovation.”
These buildings promise healthier, happier workplaces. Experts point to privacy and cybersecurity concerns.
The moment that Honeywell International Inc. employees enter their new headquarters in Charlotte, N.C., the smart building goes to work.
A camera recognizes employees’ faces and hails an elevator programmed to bring them to their floor. Sensors on the walls measure particles and CO2 levels in meeting rooms, pumping in fresh air when levels rise too high. Higher levels of certain particles mean it is more likely that viruses could be present. In a control room, big screens show every floor in the 23-story building.
By Tom Shircliff, Principal, Intelligent Buildings
We all know about cybersecurity risks either firsthand or from the headlines that tell of high-profile incidents involving credit card records, government records, corporate email and social media accounts. Add to that critical infrastructure incidents involving municipal water systems and gasoline pipelines, along with more threats from nation states, including Iran and Russia.
Before the Russian troops and tanks moved into Ukraine, Microsoft got alerts for new malware aimed at government systems in the besieged Eastern European nation, according to the New York Times.
But to assume that cyberattacks will direct themselves only to government systems and not to companies located in countries that have attracted Putinian ire would be foolish.
By Tom Shircliff, Vice President, Intelligent Buildings
No matter what business you are in, it’s almost surely conducted inside of four walls of commercial real estate including office, industrial, mixed use, healthcare etc. This means, like or not you are exposed to significant operational interruption because of the many digital systems that are required to allow occupancy. To make it worse, those contractors that manage and mismanage those systems don’t work for you and are several layers away from a risk manager, CIO or other accountable roles.
We are alerting you that we recently detected and eliminated a Russian malware attack on a commercial real estate building through our multi-dimensional managed service protection. We are linking the incident to Russia based on a bulletin about a specific malware threat from CISA naming the malware that we discovered.
ICYMI: Intelligent Buildings spotlights APC Smart-UPS TLStorm vulnerabilities that allow attackers to cause cyber and physical damage through undetected remote access.
Over 20 million APC Smart-UPS (or uninterruptible power supply) devices are currently deployed worldwide. These devices are widely used in Commercial Real Estate, banking, hospitals, data centers, and media. Armis security researchers found a flaw, dubbed TLStorm, that allows attackers to take over these devices remotely. TLStorm has two critical vulnerabilities:
- One in a design flaw, in which firmware upgrades of all Smart-UPS devices are not properly signed and validated
- One in the TLS implementation used by both Cloud-connected Smart-UPS devices and a third critical vulnerability
CHARLOTTE, N.C. (Jan. 25, 2022) – Intelligent Buildings, LLC announced the promotion of Amanda Loeffert to director of content strategy. Her new role will lead company efforts to create a compelling content and marketing strategy that supports key business initiatives.
Loeffert joined Intelligent Buildings in 2018 and has extensive experience in marketing, content creation and professional writing. In this new role, Loeffert will lead the company’s internal and external content and marketing efforts across all channels, ensuring cohesive, strategic and branded content.
“Amanda’s work over the last four years has proven her creativity and comprehensive knowledge of the field,” said Greg Hoogerland, president of Intelligent Buildings. “Her adept understanding of the company makes her a skilled leader and effective marketer. We trust her to tell the story of Intelligent Buildings and the clients we serve through dynamic content and strategic marketing.”
Loeffert previously served the company as a technical writer and manager of shared services. Prior to joining Intelligent Buildings, Loeffert exercised her knowledge of the communication industry as a lecturer at the University of North Carolina at Charlotte.
“I am confident that this role will enable me to better utilize my skills and create success for the company,” said Loeffert. “I have grown tremendously in my time here and am ready to lead in a new way as director of content strategy.”
Loeffert earned a bachelor’s degree in psychology from the University of Pittsburgh and a master’s degree in English from the University of North Carolina at Charlotte. Outside of work, she enjoys rock climbing and supports the American Society for the Prevention of Cruelty to Animals (ASPCA). To learn more about the Intelligent Buildings team and work, visit IntelligentBuildings.com.
About Intelligent Buildings, LLC
Intelligent Buildings® is the only company focused on Smart Building advisory, assessment, and managed services at scale for both new projects and existing portfolios. We help our customers manage risk, enhance occupant well-being, and continually improve performance by providing unmatched expertise, practical recommendations, and targeted services. Since 2004, we are the most trusted and experienced name in Smart Building services. Learn more at IntelligentBuildings.com.
Mary Claire Hill
501-519-1772 | [email protected]