Chartered Institute of Building Magazine of the Chartered Institute of Building
  • 15 May 2017

Cybercrime: the dos and don'ts of smart tech

The recent cyber attacks of the NHS and other organisations around the world has once again trained the spotlight on cyber security. Insurance broker Premier BusinessCare runs through some dos and don'ts around smart technology in buildings.

In a recent survey, the Electrical Contractors’ Association (ECA) found that four in 10 buildings are at major risk from cyber attacks. The same study found that “Internet of Things” technology, such as smart boilers, radiators, lighting systems and entry systems – all connected to the internet – are providing a gateway to hackers.

As these smart systems are installed more frequently in buildings, it is likely hacking and exploitation will grow at a similar rate.

Smart technology is a growing threat to home and office security, say leading cyber security experts.

One high-profile incident which shows the vulnerability of devices reliant on mobile internet involving smart technology involved car manufacturer Chrysler. Its self-driving cars had their brakes disabled by hackers due to their lack of adequate security software.

One common way hackers are gaining unsolicited entry to data is through what’s known as a DDoS (Distributed Denial of Service) attack. DDoS attacks focus on disrupting a service to a network by overloading it with traffic, potentially causing it to crash. This leaves the door open for hackers to gain entry or demand payment to stop the attack.

One recent DDoS attack occurred in October 2016. Hackers used internet-connected smart home devices, such as CCTV cameras and printers, to form “botnets” (huge groups of connected hacked devices) to bring down popular websites such as Twitter, Spotify and Reddit.

Robert Hadfield, of, says there are two ways users can protect themselves from DDoS attacks. The first is to monitor network traffic regularly, which will help indicate any unusual activity and can block attacks that are in progress.

The second is having a recovery plan and using “an external provider or a back-up system to host your network so that you can still trade and appear online whilst the problem is being fixed”.

Although difficult to detect, the general rule of thumb for cyber security is to stop intruders before they have started. “Prevention is the answer,” says Hadfield. His top three preventative methods are:

  • Encrypting data.
  • Making sure installations are protected with complex usernames and passwords.
  • Ensuring cyber protection software is properly updated and regularly checked.

“Software updates stay in line with current threats online, so make sure that you update them as soon as you are prompted.”

“Aligning with software updates is especially important when installing smart technology in buildings.”

Another concern for homeowners and businesses is just how devious cybercrime has become. Dr Jessica Barker of cyber security consultancy firm, J L Barker Ltd, says: “From an attacker’s point of view, artificial intelligence represents an opportunity. For example, with the potential for malware that learns about the victim’s environment and evolves to evade defences and detection.”

Lee Munson, security researcher at, refers to this clandestine approach as “creative criminality”.

While the cybercrime debate continues, what’s clear is safety standards need to be introduced to prevent smart technology opening the floodgates to hackers.

To protect both your business and your clients, it is vital to get it right first time when installing smart technology into buildings. Care must be taken to ensure the technology is properly secured and can be updated regularly after installation – otherwise it is easy to envisage a situation where a construction company could be held liable for a cyber attack on a company via the smart technology integrated into the build.

Image: Elnur/

Leave a comment


25 May 2017 Fire investigations uncover the cost and scale of poor workmanship

25 May 2017 Build UK works towards single safety assessment

25 May 2017 Skanska names new executive vice president

25 May 2017 ITV submits plans for new South Bank HQ

25 May 2017 Cooling system for Qatar 2022 stadium revealed

25 May 2017 VIDEO: First phase of Wimbledon's No.1 Court project completed

25 May 2017 Arup attacked by 'ransomware' in Hong Kong

23 May 2017 Reader panel's thoughts on the general election

23 May 2017 New procurement method to trial at Derby Silk Mill

23 May 2017 Housing associations' output up 13% last year

23 May 2017 Wates promotes sustainable innovations again

23 May 2017 The world's five most important mega-projects

23 May 2017 Chris Blythe picks up leading membership award

22 May 2017 General election: What policies will win construction's vote?

22 May 2017 Three company directors jailed for manslaughter

22 May 2017 Qatar 2022 workers still suffering abuse, says Amnesty

22 May 2017 L&G makes senior hires to boost offsite operation

22 May 2017 Sky Fence stops drones flying over prison

21 May 2017 CDM 2015 reforms fail to hit home, reveals survey

18 May 2017 Wates to revamp Goldfinger's Brutalist tower