In the latest development around the cyberattack impacting Johnson Controls International (JIC), officials at the Department of Homeland Security (DHS) are now reportedly concerned that the attack may have affected sensitive physical security information. Johnson Controls serves as a government contractor, providing building automation services to facilities, such as HVAC, fire, and security equipment. Johnson Controls holds “classified/sensitive contracts for DHS that depict the physical security of many DHS facilities.”
It is still unclear as to what information was accessed in the breach, which is believed to be a ransomware attack, but the memo stated that “until further notice, we should assume that [the contractor] stores DHS floor plans and security information tied to contracts on their servers.”
Read more: https://www.darkreading.com/ics-ot/dhs-physical-security-concern-johnson-controls-cyberattack