Recent Facebook outage highlights vulnerability of smart buildings
Facebook is one of the world’s tech giants. The company is worth nearly a trillion dollars. Almost half of the planet’s inhabitants, 3.5 billion, regularly use one of Facebook’s applications, including Instagram and WhatsApp. They are at the forefront of the technological revolution and have been a driving force behind many major changes in our society, both good and bad. But for five hours on Monday, all of their global operations were frozen, anyone who typed facebook.com into their web browser was automatically notified that “this site is not accessible.”
Many suspected that the company had been hacked. The outage came just hours after a 60-minute segment aired featuring a whistleblower who claimed the company knew their platform was causing disinformation and hate speech, but failed to do so. much to reduce them. But an official statement later said the problem was caused by a faulty configuration change in the company’s Border Gateway Protocol (BGP) records. BGP is the way ISPs share routing information, so the error essentially removed the map telling computers and cellphones where to find the images of food, cat memes, and news ( real and false) for which the company is known. Several domain registration sites even put the facebook.com domain up for sale when their automated crawlers discovered that the site had apparently expired.
It’s not just the users who have been banned from Facebook. Employees said they couldn’t even enter the building because their badges no longer worked. This was probably one of the reasons the site was down for so long.
So how did this happen? âThis is what happens when systems are not properly segmented,â said Charles Meyers. He worked as the Chief Technical Architect for Wells Fargo for almost twenty years and his work integrating their workplace technology led him to launch the Real Estate Cyber ââConsortium last year. âI felt like Chicken Little,â he said. âI kept telling our team that our office technology was a vulnerability, but most people didn’t believe me. ”
It wasn’t until he walked through a new office with the company’s IT manager that he finally delivered his message: âI asked him how he planned to handle the system’s ghost networks and he didn’t. kept saying “there are no networks on our system that i don’t know of. Then i drove him to a switch and told him he was running on a completely outside Zigbee protocol. our architecture, then he understood the threat.
Facebook’s cybersecurity concerns with their physical office are not unique. There is often a disconnect between a company’s IT departments and the building’s operational technology (OT) personnel, which can lead to a ‘not my problem’ mentality. It can also be due to the way construction systems are outsourced. âThe team that installs and configures building systems are typically not the people who maintain them,â Meyers said. “Installers usually have an administrator account, but then create an operator account once they are done so that the administrator is never updated.” This can lead to laughable and disastrous oversights like guessable usernames like “admin” and predictable passwords like “password”.
Part of the solution, Meyers believes, is to have an industry-wide partnership to help standardize protocols and best practices. âIf enough users and suppliers come together and demand a certain level of security, anyone else creating or maintaining building systems will have to comply,â he explained.
Increased cybersecurity monitoring of the construction system could also affect the relationship between landlord and tenant. Smart occupants can spend as much time analyzing and controlling a building’s digital systems as they spend on its physical properties. Building engineers will need to become familiar with their tenants’ IT practices, and IT departments will need to better understand how operating technology fits into their system architecture.
When Facebook went down, the internet erupted with people exclaiming that the world was a better place without it. Whether the company is a net positive for society is still up for debate, but what is clear is that Facebook’s high-profile tech issues have taught the world l ‘interconnectivity of the internal technology of companies and their offices. Facebook’s pains had self-inflicted, but embarrassing as it could be, it could have been a lot worse. How long before you see another global tech giant shot by a thermostat or switch with a “temporary” password?