Services ▾
Weak currents and networks

Weak currents and networks

Certified and documented voice-data networks. View category →
Fire safety

Fire safety

Authorized IGSU · ISU approval and authorization. View category →
Cybersecurity

Cybersecurity

ISO/IEC 27001 certificate. View category →
IT Service and Outsourcing

IT Service and Outsourcing

Your IT department, outsourced — support, servers, M365, backup. View category →
HVAC maintenance

HVAC maintenance

Scheduled checks and interventions for air conditioning. View category →
Corporate Sales and SEAP

Corporate Sales and SEAP

IT equipment and security, including through SEAP. View category →
BlogContact
Blog Fire Safety

What happens if ransomware reaches the building's technical infrastructure?

When we hear about ransomware attacks, we usually think of locked computers, encrypted files, and users unable to access their documents. In reality, the impact can be much greater. In modern buildings, IT infrastructure no longer just serves offices and users. It connects and supports critical systems such as:

  • access control;
  • video surveillance;
  • KNX automation;
  • BMS systems;
  • energy monitoring;
  • building management servers;
  • communications systems.

For this reason, a ransomware attack is no longer just an IT problem. It can become an operational problem that affects the entire functioning of the building.

Modern buildings are more connected than ever

In recent years, most technical systems have migrated to IP infrastructures. Video cameras are networked. Access control is managed through software. Automations can be accessed remotely. Building management systems are integrated with cloud platforms. This connectivity brings obvious benefits:

  • centralized administration;
  • real-time monitoring;
  • rapid interventions;
  • reduced operational costs.

But it also introduces a new category of risk: cyberattacks.

How an attack usually begins

In most cases, attackers don't enter through the access control system or building automation. They enter through the most vulnerable point:

  • a malicious email;
  • a compromised password;
  • an infected laptop;
  • a service exposed on the Internet;
  • an account without multifactor authentication.

After the initial compromise, attackers try to move inside the network. If the infrastructure is poorly designed, they can also reach the building's technical systems.

What can be affected?

CCTV systems

In many organizations, video recordings are stored on servers or NVRs connected to the internal network. An attack can affect:

  • access to images;
  • existing records;
  • real-time monitoring capability.

At a time when the organization needs information, it may become unavailable.

Access control

Many modern systems depend on servers and databases. In the event of an attack, the following can occur:

  • impossibility of user administration;
  • unavailability of access logs;
  • difficulties in managing permissions.

Building automations

KNX systems, BMS or other automation platforms are increasingly integrated with the IT infrastructure. If adequate security measures are not in place, compromising the infrastructure can also affect these systems.

Technical servers

The servers that manage the building infrastructure are often considered “secondary” to business systems. Unfortunately, attackers don’t make this distinction.

Biggest mistake: all systems on the same network

One of the most common problems encountered in audits is the lack of segmentation. In the same infrastructure are found:

  • user computers;
  • printers;
  • video cameras;
  • access control;
  • KNX systems;
  • WiFi for visitors;
  • technical servers.

In such a scenario, compromising a single device can provide access to the entire infrastructure.

What should modern architecture look like?

In a modern building, critical systems must be protected by:

Network segmentation

Technical systems must be separated from the user network and from networks intended for visitors.

Strict access control

Administrative access must be limited and monitored.

Multi-factor authentication

Privileged accounts need additional protection.

Backup and recovery

Critical data must be able to be restored quickly.

Continuous monitoring

Suspicious events must be identified before they become major incidents.

A simple example

Imagine a hotel. An employee opens a malicious attachment. The attacker gains access to the internal network. If the infrastructure is segmented correctly, the incident remains limited to the affected area. If all systems are connected to the same network, the impact can reach:

  • hotel servers;
  • video cameras;
  • access control;
  • building automation.

The difference between the two scenarios is not due to luck. It is due to the way the infrastructure was designed.

Cybersecurity is no longer just the responsibility of the IT department

In modern buildings, cybersecurity directly impacts the operation of the technical infrastructure. Administrators, technical directors, and facility managers must view security and automation systems as part of the same critical infrastructure. Protecting it means protecting the organization's business.

How GreenSoft can help you

GreenSoft designs and maintains IT infrastructures, security systems and automation for commercial buildings, hotels, industrial units and public institutions. Through our audit and assessment services we can identify:

  • systems unnecessarily exposed on the Internet;
  • lack of network segmentation;
  • vulnerabilities in technical infrastructure;
  • risks associated with CCTV, access control and automation systems.

In many organizations, the question is not whether there will be an attack attempt. The question is whether the building's technical infrastructure is prepared to withstand it when it does occur.

Request a security audit of the technical infrastructure.

Do you need an evaluation?

Request a Quote
Polon-Alfa
Inim Electronics
Schrack Seconet
Honeywell
Securiton
Bentel Security
Teledata
NSC Sicherheitstechnik
FireClass
Fire Eater
Hilti
Promat
TOA
Schneider Electric
Siemens
Schrack Technik
Riello UPS
Gewiss
Hikvision
Axis Communications
Luxriot
VIGI
Dahua Technology
DSC
Paradox
Ajax Systems
Rosslare Security
YLI
Dell
Seagate
TP-Link
Omada
HP
EnGenius
3M
Fortinet
Grandstream
Panasonic
Polon-Alfa
Inim Electronics
Schrack Seconet
Honeywell
Securiton
Bentel Security
Teledata
NSC Sicherheitstechnik
FireClass
Fire Eater
Hilti
Promat
TOA
Schneider Electric
Siemens
Schrack Technik
Riello UPS
Gewiss
Hikvision
Axis Communications
Luxriot
VIGI
Dahua Technology
DSC
Paradox
Ajax Systems
Rosslare Security
YLI
Dell
Seagate
TP-Link
Omada
HP
EnGenius
3M
Fortinet
Grandstream
Panasonic