Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Accuvant researchers to release open source RFID access tool

Maria Korolov | July 29, 2015
Security researchers have long known about the vulnerabilities of the RFID readers that many buildings use instead of door locks, but facilities managers have been slow to upgrade to more secure systems.

There are also proprietary systems, but they typically haven't been fully audited, he said. They might be very secure, but it's hard for customers to know for certain.

Companies that have the vulnerable readers in place can take steps to make them more secure until they're updated, he added.

For example, the card readers have a built-in tamper switch that should set off an alarm when an attacker takes off the cover to hack into the device.

"Typically, not enough physical wiring is installed so that the tamper switch is on," he said. "A business needs to ensure that a tamper switch is on."

Some kind of monitoring system would also help, he said, whether a human guard or a video camera, with records kept about who walks through the door and when.

For particularly sensitive areas, the cards should be kept in RFID sleeves, so that they can't be read right from people's pockets, he added.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.