Hacking Intelligent Buildings and a Journey into a Modern Private Hospital at #HITB2018AMS
Amsterdam – 24 March 2018: The Industry Internet of Things (IIoT) is at the forefront of smart connected buildings. In the race to be the first to capture any slim openings in this competitive space, device manufacturers may compromise on security standards in order to release their products to market quicker.
Researchers at Tencent Security team comprising of Yong Yang, YuXiang and HuiYu Wu will present their security research test results of multiple real-world ZigBee devices manufacturers (ABB, Samsung, Xiaomi and others) at the 9th annual Hack In The Box Conference in Amsterdam next month. Their presentation titled “Hacking Intelligent Buildings: Pwning KNX & ZigBee Networks”, will also demonstrate an attack using only an official and cheap mainstream device, showing the possibility of taking over a full Zigbee network.
A demo video and an excerpt of their presentation can be found here:
The implications of a vulnerability in devices controlling a smart building have greater concerns if the building involves preserving the safety of its occupants, such as in a hospital. Asaf Cohen and Ofir Kamil, researchers at Maglan, will present the technology components, security findings and human behaviour elements in their month-long project at a modern private hospital. Their paper titled “Somebody Call a Doctor: Hacking a Hospital for Fun and Profit”, will bring scary, funny and shocking insights to a place where many people place an inherent trust with his or her lives. Asaf’s and Ofir’s presentation summary can be found here: