Rabobank Deploys Building Automation System Security

Rabobank is deploying SilentDefense to improve building automation system (BAS) security.

Customer Profile

Rabobank is a Dutch multinational banking and financial services company headquartered in Utrecht. Serving approximately 8.3 million clients around the world [1], it is the second-largest bank in the Netherlands in terms of total assets, and among the world’s 25 largest financial institutions in terms of Tier 1 capital. With more than 400 offices in the Netherlands alone, it offers the most finely meshed banking network in the country.

The Challenge

Nowadays, a building is increasingly a cyber-physical system (CPS) whose physical components, such as HVAC, access control, elevators, escalators and moving walkways, are integrated and controlled through digital infrastructures. Building automation systems (BAS) integrate, connect and control the building’s different sub-systems to facilitate management operations. In addition, asset inventory is becoming crucial for efficient preventive maintenance and for compliance with the stringent requirements many countries are imposing on smart buildings.

BAS vulnerabilities have risen 500% YoY [2] in the last three years, and it is becoming increasingly important for owners and managers of critical buildings to address the key issues of asset inventory and cybersecurity.

BAS Threat Landscape

• 500% more BAS cyber vulnerabilities discovered in the last three years [2]
• 75% of organizations don’t have a formalized cyber security strategy [3]
• 1,500 access attempts every day on a single smart house exposed on the Internet [4]
• 68,000 open BAS interfaces easily found on the Internet [4]
• 50 billion IoT devices on the network in 2022 [5]

The Project

Rabobank has launched an initial BAS cybersecurity project to cope with the following challenges:

▪ Protecting networked BAS/IoT devices
▪ Inapplicability of IT security solutions to BAS devices
▪ Limited or no visibility into how devices are operating and whether they are communicating with the outside world

The scope of the OT network to be managed includes several different building automation systems for HVAC, surveillance, access control and lighting. The initial scope covers more than 500 devices. After a defined learning period, thorough penetration testing will be performed to validate the bank’s improved security posture. SilentDefense has been deployed to automatically identify and protect each building automation system on the network, deliver an accurate asset inventory and capture all the relevant cyber and operational threats without the cost and complexity of software agents on endpoints.

Main Results

A complete inventory and network map has been extracted with a detailed view of hundreds of devices, including their current model, firmware and vulnerabilities.

Among the relevant findings, SilentDefense detected:

• Unwanted communication links between the IT and OT network caused by firewall misconfiguration
• Unwanted/unnecessary services and protocols enabled (e.g. file transfer and device discovery services)
• Maintenance operations not adhering to policies (e.g. supplier connecting own laptop to the network)
• Misconfigured devices (e.g. IP cameras with high bandwidth consumption)
• Weak passwords to access IP cameras, multiple vulnerable hosts and controllers with outdated firmware

Customer Value

• Full visibility into BAS network
• Enforcement of compliance with internal network and maintenance policies
• Detection of anomalies and cyber threats to operational continuity
• Improvement of the overall security posture
