The recent cyber attack of Iran’s nuclear centrifuges by an extremely sophisticated, weaponized virus, Stuxnet (and Duqu, a worm) demonstrates the inherent vulnerability of complex systems, in this case programmable logic controllers (PLCs). Stuxnet was able to cause actual physical damage. What would the consequences be if the dark side was able to tap the vast amount of information available from BIM for a critical national facility? Could they turn security systems off? Probably yes!
John J. Strauchs, MA, CPP, is senior principal of Strauchs LLC in Ashburn, Va., and formerly CEO of Systech Group Inc., a professional security and fire protection engineering firm. Earlier in his career, he was an operations officer with the U.S. Central Intelligence Agency (CIA).