Honeywell security flaw shows danger of controlling facility systems via the Internet

Share this article:

Computer security experts recently found a flaw in a widely used Honeywell product, allowing them to take unauthorized control of buildings' key systems. The findings underscore that caution is essential for long-term care facilities using an industrial control system (ICS) to operate heating and cooling, elevators, alarms or medical equipment, experts say.  

Billy Rios and Terry McCorkle, employed by security firm Cylance, found bugs in Niagara-AX branded products sold by Honeywell's Tridium division. They used the vulnerabilities in the Niagara hardware and software to create a computer script to rapidly take control of an ICS system, which they demonstrated earlier this week at a security summit in San Juan, Puerto Rico.

Rios and McCorkle notified Tridium of the issue prior to their demonstration, and the company released a patch to remove the vulnerability on Monday.

Based on Internet data, more than 21,500 facilities, including some healthcare providers, use Niagara devices, the researchers said.

Smaller wireless medical devices as well as these large industrial systems are at risk of unauthorized control. A security expert demonstrated how to take control of an insulin pump in 2011.

Share this article:

More in News

Septicemia, urinary tract infections rank high on latest list of hospital readmissions causes

Septicemia, urinary tract infections rank high on latest ...

Two infectious conditions common in long-term care settings — septicemia and urinary tract infections — were among the top causes of hospital readmissions for Medicare beneficiaries in 2011, according to ...

PharMerica to pay $200,000 settlement over federal charges of unsafe dispensing practices

Long-term care pharmacy company PharMerica has agreed to pay about $213,000 to settle charges that it dispensed medications without prescriptions and committed other breaches of the Controlled Substances Act, federal authorities announced Wednesday.

Shortchanging the Older Americans Act has led to unnecessary nursing home placements, ...

Chronic underfunding of the Older Americans Act is leading to unnecessary long-term care facility admissions, Sen. Bernard Sanders (I-VT) and 26 of his Democratic colleagues in the Senate said in a recent letter to Appropriations Committee leaders.