Hackers use smart-control of buildings for DDoS attacks

A vulnerability allows even ‘inexperienced hackers with little expertise’ to access the smart-control system of some buildings and launch a DDoS attack from there. This has become a reality because Nortek Security and Control (NSC) has failed to address a vulnerability that was identified almost a year ago.

NSC’s Linear eMerge E3 system determines whether employees may pass through certain doors, depending on their access code or access pass: for example, a car park, a certain floor in an office building or the entire location of a company. In May of last year, Applied Risk researchers announced that there was a great deal wrong with the product and that no fewer than ten significant vulnerabilities had been discovered. Six of those ten would pose a huge risk to security (a score of at least 9.8 out of ten). NSC did not come up with a patch.

Knowing that significant vulnerabilities had been found, malicious parties then started looking for locations where NSC’s Linear eMerge E3 is used, SonicWall believes. The most commonly used vulnerability is one that lets hackers easily inject code remotely, even hackers with little technical knowledge and skill.

This vulnerability provides access to the system, after which malware can be downloaded and installed. From there, it would be easy to launch a DDoS attack on any target; according to Bad Packets, the first of these could be seen at the beginning of this year.

Risk is not too great, but action is necessary

According to SonicWall, the scope for carrying out DDoS attacks using NSC’s product is still limited, as only smart controls that have access to the Internet are involved, and only a little over two thousand of them are said to have such access. A bigger problem is that the access could be used to get deeper into a company’s network.

It is therefore advisable to stop giving Linear eMerge E3 access to the Internet, or to reduce access by means of a firewall or VPN.