Why Hackers Love Smart Buildings

Buildings are getting smarter, and that opens them up to a host of new cybersecurity risks.

In recent years, building managers increasingly have relied on internet connections and computer networks to manage pretty much any part of a building you can think of—including elevators and escalators; ventilation, heating and air conditioning systems; office machines like printers and conference-room audiovisual equipment; security and fire-safety systems; and appliances like refrigerators and coffee makers.

These smart technologies can make buildings more efficient and monitor maintenance and repair needs, allowing building operators to address problems proactively, rather than fixing malfunctions as they occur. During the pandemic, they have made it easier to monitor airflow and people’s movements within buildings.

Smart buildings “satisfy a lot of things that we’re trying to do in real estate,” says Jason Lund, a managing director at commercial real-estate services company Jones Lang LaSalle. He says, among other things, it allows building managers to create more-sustainable and greener buildings, deal with Covid risks more effectively, and maximize space more efficiently.

“All of those things being managed technologically is a good thing,” Mr. Lund says. “The backside of it is that all of them become hackable.”

The problem isn’t just that hackers can gain access to any one building-management system. The real danger is if they are able to gain access to a single system—say, lighting—and then find their way from there into many or all of the building’s other systems, whether those systems are linked to a common network or not.

“They can control lights, they can control air flow, they can control the elevators—anything that you can think that a building does can be exposed,” says Fred Gordy, director of cybersecurity at Intelligent Buildings, a smart-building consulting and advisory firm. “We had a particular case where it was a hospital group” whose systems were attacked for a ransom, he says, “and they were unable to do anything with the systems, so they had to cancel surgeries [and] send people away.”

Mr. Gordy says the number of ransomware attacks on the firm’s clients grew 600% in 2020. In 2019, he says, “our customers that were attacked represented 100 million square feet in commercial real estate. In 2020, our customers that were attacked represented 1.8 billion square feet of commercial real estate.”

What’s more, hackers who infiltrate building-management systems might also be able to work their way into a company’s corporate communications and databases, where they can loot the company’s proprietary information or hold it for ransom.

Getting in and around

So how does all this happen? One way hackers commonly gain initial access is to steal the login credentials—or obtain the stolen credentials from a third party—that a vendor uses to upload invoices to the building manager’s billing system, says Mr. Lund.

Once they’ve gained access to a billing system, or gotten into the building manager’s computer system through any other internet-connected point, hackers have many ways of broadening their access. One of the most common is to use whatever information they have found to create convincing phishing emails that prompt employees or other vendors to reveal login and password information for other systems.

One way to cut down on that risk is to link all the various building services to a single network that can be monitored and controlled by cybersecurity experts, says Adam Stark, senior technology consultant for smart buildings and smart workplaces at JLL.. But that network—and everything on it—remains vulnerable if it isn’t sufficiently protected.

Hackers can move around a network like this by taking advantage of weak safeguards in place for the various systems and devices connected to the network, says Ron Cirillo, vice president of cybersecurity and service excellence at Oxford Properties Group.

“There’s a lot of very lazy work that went into designing authentication methods and identity-management methods” at many buildings, he says, citing weak passwords as one example, particularly for what might be considered relatively unimportant devices whose vulnerability to hackers might be overlooked.

“It has been my experience that operators do not tend to think of these smart devices—your coffee maker, for example—in the same way that they would think of a server or desktop computer,” Mr. Cirillo says. “As such, they will often neglect to change a factory default password, or if they do change it, they will often assign poor passwords and/or assign all devices the same password to keep it simple.”

Systems that are clearly essential also often aren’t well protected, he says, and so are easy prey for a hacker who has broken into a network. For instance, a hacker using the guest Wi-Fi in a shopping mall could find a building-management system on the same network, and “if that building-management system is using a factory default password, you could Google the password and you could sit in a mall food court and take over the air conditioning or the lighting,” he says.

Setting up barriers

Cybersecurity experts cite what they call network segmentation as crucial to keeping hackers from running amok once they’ve gained access to a computer network. Segmentation simply means building barriers into a network so that someone who has access to one system can’t easily gain access to other systems on the network.

“We logically segment every system, so in other words that if you are the air-conditioning vendor you can log into the air conditioner using our privileged access-management system, but you’re not able to route to, say, the lighting system, or the overall building-management system,” says Mr. Cirillo.

“The challenge is that putting that kind of network segmentation in place requires hiring skilled network engineers, and it requires time and effort,” he says.

Requiring multifactor authentication for anyone to access any part of the network is another basic step that goes a long way toward thwarting attacks and keeping them from spreading, the experts say.

But, of course, even with the most conscientious controls in place, no system is invulnerable. A breach is always possible “because the human-being side of it is one of the hardest to monitor,” says Mr. Lund, pointing to the risks from phishing emails, stolen user credentials and uncancelled login access for departed employees.

Many people considering an electric vehicle are turned off by their prices or the paucity of public charging stations. But the biggest roadblock often is “range anxiety”—the fear of getting stuck on a desolate road with a dead battery.

All EVs carry window stickers stating how far they should go on a full charge. Yet these range estimates—overseen by the Environmental Protection Agency and touted in carmakers’ ads—can be wrong in either direction: either overstating or understating the distance that can be driven, sometimes by 25% or more.

How can that be? Below are questions and answers about how driving ranges are calculated, what factors affect the range, and things EV owners can do to go farther on a charge.

How far will an electric vehicle go on a full battery?

The distance, according to EPA testing, ranges from 516 miles for the 2023 Lucid Air Grand Touring with 19-inch wheels to 100 miles for the 2023 Mazda MX-30.

Most EVs are in the 200-to-300-mile range. While that is less than the distance that many gasoline-engine cars can go on a full tank, it makes them suitable for most people’s daily driving and medium-size trips. Yet it can complicate longer journeys, especially since public chargers can be far apart, occupied or out of service. Plus, it takes many times longer to charge an EV than to fill a tank with gas.

How accurate are the EPA range estimates?

Testing by Car and Driver magazine found that few vehicles go as far as the EPA stickers say. On average, the distance was 12.5% shorter, according to the peer-reviewed study distributed by SAE International, formerly the Society of Automotive Engineers.

In some cases, the estimates were further off: The driving range of Teslas fell below their EPA estimate by 26% on average, the greatest shortfall of any EV brand the magazine tested. Separately, federal prosecutors have sought information about the driving range of Teslas, The Wall Street Journal reported. Tesla didn’t respond to a request for comment.

The study also said Ford’s F-150 Lightning pickup truck went 230 miles compared with the EPA’s 300-mile estimate, while the Chevrolet Bolt EV went 220 miles versus the EPA’s 259.

A GM spokesman said that “actual range may vary based on several factors, including things like temperature, terrain/road type, battery age, loading, use and maintenance.” Ford said in a statement that “the EPA [figure] is a standard. Real-world range is affected by many factors, including driving style, weather, temperature and if the battery has been preconditioned.”

Meanwhile, testing by the car-shopping site Edmunds found that most vehicles beat their EPA estimates. It said the Ford Lightning went 332 miles on a charge, while the Chevy Bolt went 265 miles.

That is confusing. How can the test results vary so much?

Driving range depends largely on the mixture of highway and city roads used for testing. Unlike gasoline-powered cars, EVs are more efficient in stop-and-go driving because slowing down recharges their batteries through a process called regenerative braking. Conversely, traveling at a high speed can eat up a battery’s power faster, while many gas-engine cars meet or exceed their EPA highway miles-per-gallon figure.

What types of driving situations do the various tests use?

Car and Driver uses only highway driving to see how far an EV will go at a steady 75 mph before running out of juice. Edmunds uses a mix of 60% city driving and 40% highway. The EPA test, performed on a treadmill, simulates a mixture of 55% highway driving and 45% city streets.

What’s the reasoning behind the different testing methods?

Edmunds believes the high proportion of city driving it uses is more representative of typical EV owners, says Jonathan Elfalan, Edmunds’s director of vehicle testing. “Most of the driving [in an EV] isn’t going to be road-tripping but driving around town,” he says.

Car and Driver, conversely, says its all-highway testing is deliberately more taxing than the EPA method. High-speed interstate driving “really isn’t covered by the EPA’s methodology,” says Dave VanderWerp, the magazine’s testing director. “Even for people driving modest highway commutes, we think they’d want to know that their car could get 20%-30% less range than stated on the window sticker.”

What does the EPA say about the accuracy of its range figures?

The agency declined to make a representative available to comment, but said in a statement: “Just like there are variations in EPA’s fuel-economy label [for gas-engine cars] and people’s actual experience on the road for a given make and model of cars/SUVs, BEV [battery electric vehicle] range can exceed or fall short of the label value.”

What should an EV shopper do with these contradictory range estimates?

Pick the one based on the testing method that you think matches how you generally will drive, highway versus city. When shopping for a car, be sure to compare apples to apples—don’t, for instance, compare the EPA range estimate for one vehicle with the Edmunds one for another. And view all these figures with skepticism. The estimates are just that.

Since range is so important to many EV buyers, why don’t carmakers simply add more batteries to provide greater driving distance?

Batteries are heavy and are the most expensive component in an EV, making up some 30% of the overall vehicle cost. Adding more could cut into a vehicle’s profit margin while the added weight means yet more battery power would be used to move the car.

But battery costs have declined over the past 10 years and are expected to continue to fall, while new battery technologies likely will increase their storage capacity. Already, some of the newest EV models can store more power at similar sticker prices to older ones.

What can an EV owner do to increase driving range?

The easiest thing is to slow down. High speeds eat up battery life faster. Traveling at 80 miles an hour instead of 65 can cut the driving range by 17%, according to testing by Geotab, a Canadian transportation-data company. And though a primal appeal of EVs is their zippy takeoff, hard acceleration depletes a battery much quicker than gentle acceleration.

Does cold weather lower the driving range?

It does, and sometimes by a great amount. The batteries are used to heat the car’s interior—there is no engine creating heat as a byproduct as in a gasoline car. And many EVs also use electricity to heat the batteries themselves, since cold can deteriorate the chemical reaction that produces power.

Testing by Consumer Reports found that driving in 15- to-20-degrees Fahrenheit weather at 70 mph can reduce range by about 25% compared to similar-speed driving in 65 degrees.

A series of short cold-weather trips degraded the range even more. Consumer Reports drove two EVs 40 miles each in 20-degree air, then cooled them off before starting again on another 40-mile drive. The cold car interiors were warmed by the heater at the start of each of three such drives. The result: range dropped by about 50%.

Does air conditioning degrade range?

Testing by Consumer Reports and others has found that using the AC has a much lower impact on battery range than cold weather, though that effect seems to increase in heat above 85 degrees.

I don’t want to freeze or bake in my car to get more mileage. What can I do?

“Precondition” your EV before driving off, says Alex Knizek, manager of automotive testing and insights at Consumer Reports. In other words, chill or heat it while it is still plugged in to a charger at home or work rather than using battery power on the road to do so. In the winter, turn on the seat heaters, which many EVs have, so you be comfortable even if you keep the cabin temperature lower. In the summer, try to park in the shade.

What about the impact from driving in a mountainous area?

Going up hills takes more power, so yes, it drains the battery faster, though EVs have an advantage over gas vehicles in that braking on the downside of hills returns juice to the batteries with regenerative braking.

Are there other factors that can affect range?

Tires play a role. Beefy all-terrain tires can eat up more electricity than standard ones, as can larger-diameter ones. And underinflated tires create more rolling resistance, and so help drain the batteries.

Most EVs give the remaining driving range on a dashboard screen. Are these projections accurate?

The meters are supposed to take into account your speed, outside temperature and other factors to keep you apprised in real time of how much farther you can travel. But EV owners and car-magazine testers complain that these “distance to empty” gauges can suddenly drop precipitously if you go from urban driving to a high-speed highway, or enter mountainous territory.

So be careful about overly relying on these gauges and take advantage of opportunities to top off your battery during a multihour trip. These stops could be as short as 10 or 15 minutes during a bathroom or coffee break, if you can find a high-powered DC charger.

Before embarking on a long trip, what should an EV owner do?

Fully charge the car at home before departing. This sounds obvious but can be controversial, since many experts say that routinely charging past 80% of a battery’s capacity can shorten its life. But they also say that charging to 100% occasionally won’t do damage. Moreover, plan your charging stops in advance to ease the I-might-run-out panic.

So battery life is an issue with EVs, just as with smartphones?

Yes, an EV battery’s ability to fully charge will degrade with use and age, likely leading to shorter driving range. Living in a hot area also plays a role. The federal government requires an eight-year/100,000-mile warranty on EV batteries for serious failure, while some EV makers go further and cover degradation of charging capacity. Replacing a bad battery costs many thousands of dollars.

What tools are available to map out charging stations?

Your EV likely provides software on the navigation screen as well as a phone app that show charging stations. Google and Apple maps provide a similar service, as do apps and websites of charging-station networks.

But always have a backup stop in mind—you might arrive at a charging station and find that cars are lined up waiting or that some of the chargers are broken. Damaged or dysfunctional chargers have been a continuing issue for the industry.

Any more tips?

Be sure to carry a portable charger with you—as a last resort you could plug it into any 120-volt outlet to get a dribble of juice.