Google Australia's office hacked by researchers

Google Sydney
Someone needs to Google 'Building system security'

Google goes to a lot of effort to keep its customers' private information private. But it seems it doesn't have quite the same level of focus when it comes to keeping its own building systems secure.

Researchers from security firm Cylance found that the Building Control System for Google's Wharf 7 offices in Sydney was vulnerable to attack following a search on Shodan.

The building, which used an unpatched version of the Tridium Niagara AX platform for its building controls, was compromised when the researchers managed to gain access to an administrator's password to the system and access control panels.

Fortunately for Google Australia, the researchers didn't decide to start playing games with the building's alarms or lights, but instead notified Google of the security flaw, allowing the search giant to fix the problem.

From unsecure beginnings

The Cylance researchers also managed to gain copies of blueprints for the building, including floorplans and roof plans, plus locations of water pipes.

The break-in to the system also offered the duo the opportunity to spread mischief. Terry McCorkle, one of the two researchers from Cylance, told Wired, "From that point we could have actually installed a rootkit. We could have taken over the operating system and accessed any other control systems that are on the same network as that one. We didn't do that because that wasn't the intent…. But that would be the normal path if an attacker was actually looking to do that."

While Google has patched the security hole and the Cylance researchers weren't pursuing nefarious ends, the researchers have stated that there's probably a good percentage of the 25,000 buildings using the same Tridium Niagara AX platform that haven't patched the security hole, making them vulnerable to attack.

Via: Wired

Having spent the past decade editing some of Australia's leading technology publications, Nick's passion for the latest gadgetry is matched only by his love of watching Australia beat England in the rugby.