Ensuring the security of your organisation is essential to prevent any breaches that could result in devastating consequences.
Despite the advancements in technology, many organisations are still using outdated and vulnerable security systems that are susceptible to attacks. At last week’s annual DefCon security conference in Las Vegas, hackers highlighted a significant vulnerability that has been present for over a decade, yet remains unfixed in many organisations worldwide.
The vulnerability concerns HID cards, rectangular white plastic “smart” cards that organisations distribute to employees for security badges. The Chaos Communication Congress (CCC) released a paper in 2010 demonstrating a serious vulnerability in smart cards made by HID Global, the largest manufacturer of these devices.
The CCC researchers showed that the card reader device that HID sells to validate the data stored on its then-new line of iClass proximity cards includes the master encryption key needed to read data on those cards.
The researchers proved that anyone with physical access to one of these readers could extract the encryption key and use it to read, clone, and modify data stored on any HID cards made to work with those readers.
This vulnerability is still present in many organisations worldwide, despite the issue being raised over a decade ago.
HID responded to the 2010 paper by modifying future models of card readers so that the firmware stored inside them could not be easily dumped or read.
However, HID never changed the master encryption key for its readers, likely because doing so would require customers using the product to modify or replace all of their readers and cards, which would be a costly proposition given HID’s huge market share.
The issue with this approach is that anyone with a modicum of hardware hacking skills, an eBay account, and a budget of less than AUD $150 can grab a copy of the master encryption key and create a portable system for reading and cloning HID cards.
At least, that was the gist of the DefCon talk given by the co-founders of Lares Consulting, a company that gets hired to test clients’ physical and network security.
Lares’ Joshua Perrymon and Eric Smith demonstrated how an HID parking garage reader capable of reading cards up to three feet away was purchased off of eBay and modified to fit inside of a common backpack.
Wearing this backpack, an attacker looking to gain access to a building protected by HID’s iClass cards could obtain that access simply by walking up to an employee of the targeted organisation and asking for directions, a light for a cigarette, or some other pretext.
Smith and Perrymon noted that, thanks to software tools available online, it’s easy to take card data gathered by the mobile reader and encode it onto a new card, also available on eBay for a few pennies apiece.
Worse yet, the attacker is then also able to gain access to areas of the targeted facility that are off-limits to the legitimate owner of the card that was cloned because the ones and zeros stored on the card that specify that access level can also be modified.
The vulnerability in HID cards raises a significant issue for organisations that use them. Many organisations may still be using these outdated systems and could be at risk of a security breach.
Ensuring that organisations are aware of this vulnerability is essential to help prevent any potential attacks.
At this point, it is essential to remind organisations that security is a never-ending process. New vulnerabilities will always arise, and organisations must remain vigilant to detect and prevent any potential attacks.
Furthermore, organisations must not assume that their current security measures are foolproof.
Instead, they must take proactive measures to ensure that their security systems are up-to-date and can protect against the latest threats.
One approach that organisations can take is to partner with security experts who can help identify vulnerabilities and provide recommendations for improving security measures.
These experts can conduct penetration testing and report any security access-related issues.
Keycard & Keyfob Cloning In Australia
Keycard and Keyfob Cloning put your premises at risk.
Keycard cloning is a serious security concern that has plagued residential and commercial buildings for years.
Cloning allows unauthorized individuals to access secure areas, potentially putting the entire building and its occupants at risk.
One type of keycard that has been particularly vulnerable to cloning is the HID iClass card. In this blog post, we will explore the issue of keycard cloning, with a focus on HID iClass cards, and the risks associated with this security vulnerability.
First, it’s important to understand what keycard cloning is and how it works.
Keycard cloning is the process of creating a copy of an existing keycard.
The cloned keycard will have the same data as the original, allowing the person in possession of the cloned keycard to access the same areas as the original keycard owner.
Cloning can be done using various methods, such as copying the data onto a blank keycard or by programming a new keycard with the same data as the original.
One of the most common types of keycards that are cloned is the HID iClass card.
HID Global is a leading provider of access control systems and their iClass card is a popular choice for many businesses.
However, the iClass card has been known to have vulnerabilities that make it susceptible to cloning.
The vulnerabilities in HID iClass cards are primarily due to their use of a static key.
A static key is a digital code that is used to authenticate the card and allow access to secure areas.
In the case of iClass cards, the static key is stored on the card itself and is not encrypted with an open source encryption but instead with a proprietary encryption using a rainbow table. This type of proprietary encryption can be found in many other security systems, such as URMET FDI, ICT, Gallagher and many more.
Ethical hackers and crackers have warned the public for over a decade that using proprietary encryption ultimately gives crackers a way to decrypt the keycards; this is also referred to as security through obscurity.
This means that anyone with access to the card can easily copy the static key and use it to create a cloned keycard.
Another vulnerability in iClass cards and their readers is the TTL communication between the reader and the door controller, which doesn’t use RFID technology.
RFID stands for Radio Frequency Identification, and it’s a technology that uses radio waves to communicate between the card and the reader.
However, the communication between the reader and door controller (software management) is not secure, and the data transmitted can be intercepted by anyone with the right equipment, exposing the building facility code (site code).
This means that an attacker can easily intercept the data from an iClass card and use it to create a cloned keycard.
There is yet another vulnerability with HID Global BLE for multiple reader lines, including HID iClass SE and HID Signo…
The risks associated with keycard cloning are significant.
When an unauthorized individual gains access to a building or secure area, they could steal confidential information, cause damage, or harm occupants. Additionally, people who clone keycards are often keeping copies for potential clients looking to access the building facilities or to use parking illegally.
This is a common practice for many unlicensed service providers, who offer keycard cloning as part of their services.
These individuals are not vetted and may have ulterior motives, such as theft or vandalism.
People who choose to clone their keycards are also putting themselves and the entire building at risk.
By using an unlicensed service provider, they are allowing a stranger access to sensitive information and secure areas. Furthermore, the cloned keycard can be easily shared or sold to other individuals, increasing the likelihood of unauthorized access and security breaches.
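One way to look for cloned credentials in door event logs, given that a clone carries the same data as the original card and may have had its access bits altered. This is an added example, not part of the original article; the log format, card numbers, door names, issued-access table and travel times are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample "access granted" events: timestamp, card id, door.
SAMPLE_LOG = """\
2024-03-04T08:01:10,1001,lobby
2024-03-04T08:02:30,1002,lobby
2024-03-04T08:03:05,1001,carpark-b2
2024-03-04T08:20:00,1002,level-3
2024-03-04T12:15:00,1003,lobby
2024-03-04T12:25:00,1003,server-room
"""

# Assumed site data: doors each card was issued for, and the fastest
# realistic walking time between pairs of doors.
ISSUED = {
    "1001": {"lobby", "carpark-b2"},
    "1002": {"lobby", "level-3"},
    "1003": {"lobby", "level-3"},
}
MIN_TRAVEL = {frozenset({"lobby", "carpark-b2"}): timedelta(minutes=4)}
DEFAULT_TRAVEL = timedelta(seconds=30)

def parse_log(text):
    """Return (time, card, door) tuples sorted by time; skip malformed lines."""
    events = []
    for line in text.splitlines():
        parts = [p.strip() for p in line.split(",")]
        if len(parts) != 3:
            continue
        try:
            events.append((datetime.fromisoformat(parts[0]), parts[1], parts[2]))
        except ValueError:
            continue
    return sorted(events)

def clone_indicators(events, issued=ISSUED, min_travel=MIN_TRAVEL):
    """Flag grants outside a card's issued doors and physically implausible moves."""
    alerts, last_seen = [], {}
    for when, card, door in events:
        if door not in issued.get(card, set()):
            alerts.append(("outside-issued-access", card, door))
        if card in last_seen:
            prev_when, prev_door = last_seen[card]
            need = min_travel.get(frozenset({prev_door, door}), DEFAULT_TRAVEL)
            if prev_door != door and when - prev_when < need:
                alerts.append(("implausible-travel", card, door))
        last_seen[card] = (when, door)
    return alerts
```

Either alert is a reason to revoke the credential and reissue a new one, since the log alone cannot tell which of the two cards is the original.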
The solution to the problem of keycard cloning is to transition to more secure access control systems.
HID Global has already released a new version of their iClass cards, called iClass SE and then SEOS, which uses more advanced encryption and secure communication protocols.
This makes it much harder, but not impossible, for attackers to intercept data and clone keycards; right now, the entire iClass credentials can be cloned…
However, the best solution is to move away from physical keycards altogether and transition to mobile access control systems.
Mobile access control systems use virtual keycards that are stored on a user’s smartphone. These virtual keycards cannot be cloned and can be easily revoked if they fall into the wrong hands. Additionally, mobile access control systems offer a host of other benefits, such as the ability to remotely manage access and track usage.
In conclusion, keycard cloning is a serious security concern that can have significant consequences, so we recommend looking at new solutions and security integrators if your current security integrator has repeatedly failed to secure your premises or is still using HID Global.
Keycard & Keyfob cloning is the process of creating a copy of an electronic access card or fob, which can be used to gain access to secure areas or buildings. In Australia, keycard and keyfob cloning is legal provided it is done for legitimate purposes by authorized persons, such as building managers or security professionals.
When it’s done by unknown people in the street or a shop, it’s illegal without the correct licensing.
Most keycards and keyfobs use RFID (Radio Frequency Identification) technology to communicate with the access control system. If your keycard or keyfob uses RFID, it is likely that it can be cloned. However, some manufacturers use proprietary technology that cannot be easily copied. If you are unsure, you can contact the manufacturer or a reputable security professional to determine if your keycard or keyfob can be cloned.
It is unlikely that someone can clone your keycard or keyfob without your knowledge, as they would need to physically access the card or fob in order to clone it. In some instances, it’s possible to clone a credential just by knowing its printed numbering.
However, if your keycard or keyfob is lost or stolen, it is possible that someone could clone it before you realize it is missing.
To prevent this, you should report any lost or stolen keycards or keyfobs to the appropriate authorities immediately.
To protect your keycard or keyfob from cloning, you should keep it in a secure location when not in use, and avoid leaving it unattended in public places.
You can also purchase protective sleeves or wallets that block the RFID signal, making it harder for someone to scan or clone your card or fob.
Additionally, you can use a password or PIN code in conjunction with your keycard or keyfob to add an extra layer of security.