When we hear about ransomware attacks, we usually think of locked computers, encrypted files, and users unable to access their documents. In reality, the impact can be much greater. In modern buildings, IT infrastructure no longer just serves offices and users. It connects and supports critical systems such as:
- access control;
- video surveillance;
- KNX automation;
- BMS systems;
- energy monitoring;
- building management servers;
- communications systems.
For this reason, a ransomware attack is no longer just an IT problem. It can become an operational problem that affects the entire functioning of the building.
Modern buildings are more connected than ever
In recent years, most technical systems have migrated to IP infrastructures. Video cameras are networked. Access control is managed through software. Automations can be accessed remotely. Building management systems are integrated with cloud platforms. This connectivity brings obvious benefits:
- centralized administration;
- real-time monitoring;
- rapid interventions;
- reduced operational costs.
But it also introduces a new category of risk: cyberattacks.
How an attack usually begins
In most cases, attackers don't enter through the access control system or building automation. They enter through the most vulnerable point:
- a malicious email;
- a compromised password;
- an infected laptop;
- a service exposed on the Internet;
- an account without multifactor authentication.
After the initial compromise, attackers try to move inside the network. If the infrastructure is poorly designed, they can also reach the building's technical systems.
What can be affected?
CCTV systems
In many organizations, video recordings are stored on servers or NVRs connected to the internal network. An attack can affect:
- access to images;
- existing records;
- real-time monitoring capability.
At a time when the organization needs information, it may become unavailable.
Access control
Many modern systems depend on servers and databases. In the event of an attack, the following can occur:
- impossibility of user administration;
- unavailability of access logs;
- difficulties in managing permissions.
Building automations
KNX systems, BMS or other automation platforms are increasingly integrated with the IT infrastructure. If adequate security measures are not in place, compromising the infrastructure can also affect these systems.
Technical servers
The servers that manage the building infrastructure are often considered “secondary” to business systems. Unfortunately, attackers don’t make this distinction.
Biggest mistake: all systems on the same network
One of the most common problems encountered in audits is the lack of segmentation. In the same infrastructure are found:
- user computers;
- printers;
- video cameras;
- access control;
- KNX systems;
- WiFi for visitors;
- technical servers.
In such a scenario, compromising a single device can provide access to the entire infrastructure.
What should modern architecture look like?
In a modern building, critical systems must be protected by:
Network segmentation
Technical systems must be separated from the user network and from networks intended for visitors.
Strict access control
Administrative access must be limited and monitored.
Multi-factor authentication
Privileged accounts need additional protection.
Backup and recovery
Critical data must be able to be restored quickly.
Continuous monitoring
Suspicious events must be identified before they become major incidents.
A simple example
Imagine a hotel. An employee opens a malicious attachment. The attacker gains access to the internal network. If the infrastructure is segmented correctly, the incident remains limited to the affected area. If all systems are connected to the same network, the impact can reach:
- hotel servers;
- video cameras;
- access control;
- building automation.
The difference between the two scenarios is not due to luck. It is due to the way the infrastructure was designed.
Cybersecurity is no longer just the responsibility of the IT department
In modern buildings, cybersecurity directly impacts the operation of the technical infrastructure. Administrators, technical directors, and facility managers must view security and automation systems as part of the same critical infrastructure. Protecting it means protecting the organization's business.
How GreenSoft can help you
GreenSoft designs and maintains IT infrastructures, security systems and automation for commercial buildings, hotels, industrial units and public institutions. Through our audit and assessment services we can identify:
- systems unnecessarily exposed on the Internet;
- lack of network segmentation;
- vulnerabilities in technical infrastructure;
- risks associated with CCTV, access control and automation systems.
In many organizations, the question is not whether there will be an attack attempt. The question is whether the building's technical infrastructure is prepared to withstand it when it does occur.






































