Johnson Controls ransomware highlights building automation risk

Dark Angels deployed ransomware across Johnson Controls, disrupting building automation and exposing data tied to government and critical infrastructure projects.

Operational technology networks lacked segmentation, enabling attackers to pivot between facilities systems and corporate assets.

Prevention playbook:

• Segment operational technology networks with strict firewall policies and one-way data diodes where possible.
• Inventory and patch building management systems, many of which run unsupported operating systems.
• Ensure backups are offline/immutable and rehearse cross-functional recovery plans that include facilities teams.