A commonly used communication port for building control systems leaves their system data vulnerable to cyber attacks from hackers, according to an FBI industry advisory obtained by Cyberscoop. As cyber threats and attacks become more diverse against Internet-connected buildings, the use of Port 1911, also known as the Fox Protocol, has shed light on a cybersecurity issue that threatens businesses, universities and other private-sector entities across the country and around the world.
“This default port discloses system information without authenticating, allowing cyber attackers to identify devices and systems that are not patched against known exploits,” the FBI alert says, according to Cyberscoop. “Successful exploitation could lead to data leakage and possible privilege escalation.”
The port was developed by Richmond, Va.-based Tridium Inc., which has connected to more than 11 million devices around the globe, and developed the groundbreaking Niagara Framework allowing “plant managers to view video streams, high-rise superintendents to operate air conditioners and elevators, security officials to track personnel inside U.S. military facilities, and nurses to monitor medical devices in hospitals,” according to the Washington Post.
It is not clear if any systems have yet been compromised, although security issues with the Fox protocol can be traced back to 2012, after Tridium’s Niagara was downloaded more than 300,000 times. In July 2012, the Department of Homeland Security issued an alert on Tridium’s cyber vulnerabilities.
Tridium said in a statement that the FBI advisory is outdated, and that it refers to “old vulnerabilities that were responded to and resolved with security updates and patches when they were first identified,” according to Cyberscoop. “We will continue to assess and test the effectiveness of our products and solutions.”
— Cadre Info Security (@CadreInfoSec) December 27, 2018