14. September 2023
Universities, schools, health insurance companies and daily newspapers have all recently fallen victim to hacker attacks in Germany. But it's not just computer systems that can become targets for cybercriminals. Lifts too can be manipulated remotely. Read on to find out how to improve the IT security of lift systems.
Lamps, light switches, heating thermostats and printers are just a few of the technical devices which are now Internet-enabled. The same can be said of the most widely used means of transport in the world: the lift. Modern lift systems are monitored and digitally controlled with the help of sensors. These digital controls are connected to the outside world via the Internet or mobile networks, enabling maintenance companies or lift operators to see at any time whether the system is working properly or if there’s a technical malfunction. If the lift fails, the software can be relaunched via the Internet. It can even be serviced remotely, at least to some extent. But above all, lifts can be operated without any need for on-site intervention.
But the catch is this: if the lift operators or maintenance companies can do this, then so too can cybercriminals. “Hackers could theoretically connect to the control system, change the speed of the lift, block the doors or open them while the lift is in motion and stop the lift between floors,” explains Matthias Springer, cybersecurity expert at TÜV NORD.
Lifts are susceptible to IT attacks - in future, higher cybersecurity requirements will be mandatory for corresponding installations.
This is an ominous scenario, especially if, for example, all the lifts in a skyscraper were to be affected by a cyberattack at the same time. “If the hackers also deactivated the emergency call system, the rescue workers wouldn’t even know where people might be trapped,” Springer says, outlining the worst-case scenario.
Lift as getaway for hackers
And there’s another problem: lift systems are increasingly being networked with other building components – such as access controls, air conditioning and fire protection equipment. If the attackers were to succeed in hacking into the connected lift, they could, under certain circumstances, also wreak havoc in these systems.
However, the requirements for lift operators are still lagging behind these risks. “ISO 8102-20 is a standard that deals with the IT security of lifts,” Springer explains. "However, no mandatory requirements for the cybersecurity of lift systems have yet been introduced.” But that is about to change. The catalogue of requirements for lift inspections is currently being revised and is set to be expanded. IT security will then also be added to the many aspects of functional safety that the inspectors already scrutinise. “They will be asking questions like whether a cyber risk assessment been done, and what measures have been taken in accordance with this assessment. What software version is the control system running on; are there any security updates, among other things, to eliminate security vulnerabilities in good time?” says Matthias Springer.
Deadline for greater security
The expectation is that the approved inspection bodies (ZÜS), to which TÜV NORD belongs, will start asking about cybersecurity measures of this kind during lift inspections in the middle of next year. “From then on, lift operators and manufacturers will have a transitional period, which many of them are going to need, to ensure the cybersecurity of their systems,” says Springer. At a later date, the new requirements will then become binding. A specific deadline is still to be determined. After that, lift users will be able to press the button for the ninth floor with an even greater sense of security.
About Matthias Springer:
Matthias Springer is Director of Functional Safety and IT Security at TÜV NORD CERT.