Zero-day flaw found in building control system

(Image credit: Image Credit: Wright Studio / Shutterstock)

Hackers could be able to hack into an entire building due to a worrying security flaw in a popular management software, researchers have revealed.

According to new analysus from McAfee, a vulnerability in a commonly used Delta industrial control system that could allow criminals to gain complete control and gain access to all a building's services.

This could allow hackers to change and manipulate access control systems such as boiler rooms, temperature control for critical systems and much more.

This backdoor was caused by a buffer overflow vulnerability, or a mismatch in the memory sizes used to handle incoming network data.

“It is important for industrial and manufacturing organisations to take a ‘one enterprise’ approach to security and risk management. Many organisations still operate in silo. For instance, a CISO may be responsible for IT only, yet not charged with securing OT environments," said Mo Cashman, principal engineer at McAfee.

"Recent attacks demonstrate that threats to industrial control systems enter from multiple routes. As a result, increased collaboration and achieving one unified view across the digital workplace, cloud services, industrial controls and the supply chain are necessary considerations if an organisation is to maintain business resilience as it transitions to create a factory of the future.”