Major vulnerabilities in office security and RFID systems
At the Black Hat conference in Las Vegas, researchers will reveal critical vulnerabilities in many of the world’s most widely-used building security systems and RFID‑based badging systems.
Bishop Fox Senior Security Analysts Drew Porter and Stephen Smith and Partner Fran Brown will be presenting two separate talks that showcase methods of bypassing physical security systems used by millions in buildings all over the globe. They’ll reveal vulnerabilities in badging systems widely used to control access to buildings and secured areas.
In their talk, Porter and Smith demonstrate flaws in the digital systems and sensors used by more than 36 million office, building, and home security systems in the United States. Both researchers will give a detailed description of methods that can be used to prevent the tripping of commonly-used building security sensors, enabling an attacker to bypass electronic alarms and surveillance systems to access secure doors without setting off an alarm.
Using these methods and tools, an attacker could easily break into any home and many businesses without triggering the alarm systems installed within.
“What’s downright frightening about these vulnerabilities is how effective and damaging they are when exploited,” said Porter. “The research we’ve done affects millions of homes and buildings.” The methods Porter and Smith will showcase allow for undetectable covert entry, leaving no physical sign of compromise. The two researchers will discuss how alarm system signals can be intercepted, with no warnings sent and local alarms being shut down. “We believe this research should change the way enterprises and homeowners view electronic security systems, and hopefully, the way manufacturers build, install, and market them,” Porter said.
Brown’s talk on RFID Hacking will be presented at both the Black Hat USA and DEF CON conferences. Brown will demonstrate methods of capturing and abusing RFID proximity badge information, essentially enabling attackers to disguise themselves as authorized entrants to gain access to any secure area that requires a RFID badge for entry.
RFID proximity badging systems are among the most popular and are used in millions of buildings and businesses across the globe.
“The susceptibility of RFID badging systems has been known for some time, but until now, the attacker had to be within centimeters of a legitimate badge in order to read its data,”explained Brown. “We’ll be demonstrating a method of attaining badge data from several feet away, showing it can be done without the victim’s knowledge. This makes it possible for someone to copy a badge using a much wider array of social engineering tactics, and then come back later with the cloned badge and gain entry to secured areas.”
In his talk, Brown will demonstrate methods of cracking higher-privilege badges in order to gain access to high security areas such as data centers or vaults. He will also outline methods for creating cloned cards and planting physical backdoor devices into a secure area so that the attacker can come and go at will.