This article on attacks against BMS (Building Management Systems) piqued my interest for a number of reasons.
Firstly, as alluded to by the author - the more thrilling and outlandish hacks featured in films like Mission Impossible and Mr Robot - are reality.
Secondly, real and severe vulnerabilities exist - and have been identified in popular BMS platforms. These are open enough to full access with relatively trival effort - allowing a threat actor to control door access, HVAC, security systems through backdoor access to the (always connected) BMS web interface.
Lastly - I've seen the other side of this; security practitioners working in these specific organisations who are fully aware of both the impact such hacks can have, and the ease of which the systems can be compromised. As in many ICE/OT organisations - there are always security staff who do truly understand the implications.
For me - the quote that really sums up the problem is:-"The DHS advisory cautioned that an attacker could gain “full system access” to the BMS through an “undocumented backdoor script.” This would allow an attacker to run commands on a vulnerable device with the highest privileges. The advisory also noted that the vulnerability required a “low level” of skill to remotely exploit, and was rated 10.0, the highest rating on the industry standard common vulnerability scoring system. The authors wrote that exploiting the vulnerability could make it possible to “shut down a building with one click.”
This is the latest in a line of escalating ICS type hacks, with Norsk Hydro (that I've covered previously) and chemical manufacturors Momentive and Hexion in recent memory - all demonstrating the infancy the industry is in; and the absolute criticality the control and visibility of the OT/IOT boundary bears.
Mission Possible: ICS Attacks On Buildings Are a Reality