classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn
 

Search...
Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2018


Stop hacking of access control ­systems
March 2019, This Week's Editor's Pick, Access Control & Identity Management, Cyber Security

Hacking has become a threat far bigger than most think. Many hackers are just teenage boys in basements trying to get into any system that they can. It’s referred to as ‘opportunistic hacking.’ And, when they get in, they like to change code that will create mayhem. That should not give you rest. Apple CEO Tim Cook warns, “The hacking community aren’t hackers anymore; they are sophisticated enterprises.”

IPVM recently reported how a $30 copier easily spoofed a popular proximity card. The column stated that the copier “used to copy the cards works much the same way as normal card readers, with transceiver coil, power supply, IC chip, buzzer and even LEDs components shared by both”. (https://ipvm.com/reports/card-copier-test).

Interestingly, some security people don’t seem to secure their own security equipment. Users are learning that today’s IP-enabled contactless card readers and wireless cameras have become favourite targets of hackers. Unsecured, they provide irresistible backdoors. Thus, new specifications are needed for electronic access control projects.

For instance, were you aware that by simply putting the default installer code in a disarmed state, it can be used to view the user codes including the master code or to change or create a new code? Therefore, if a potential unauthorised person gains access to a panel in the unarmed state, using the installer code gives that person access to all installed hardware and will even allow creation of a new user code or change of a current user code. This code then trumps the user codes.

So, if the installer does not change the default code, the user might as well be giving a user code to everyone. Less than 30 seconds is all it takes to view the master, all other user codes, or even create a new one. Yes, you reply, but what if the installer says that they don’t have the default installer code? Unfortunately, too often, these codes can be found online by anyone that knows how to use a simple Google search. And, of course, once inside the system, the hacker can also get access to the rest of the computer system.

Sometimes the problem is within the software itself. Oftentimes, the default code is embedded in the app to provide a mechanism to let the device still be managed even if the administrator’s custom pass code is lost. However, it is a poor developer practice to embed passwords into an app’s shipped code, especially unencrypted.

Adding to the problem is that Wiegand, the industry standard over-the-air protocol commonly used to communicate credential data from a contactless access credential to an electronic access reader, is no longer inherently secure due to its original obscure and non-standard nature.

For this reason, options are now available that can be added to the readers. The first is MAXSecure, which provides a higher-security handshake, or code, between the proximity or smart card, tag and reader to help ensure that readers will only accept information from specially coded credentials.

The second is Valid ID, a relatively new anti-tamper feature available with contactless smartcard readers, cards and tags. Embedded, it can add an additional layer of authentication assurance to NXP’s MIFARE DESFire EV1 smartcard platform, operating independently, in addition to, and above the significant standard level of security that DESFire EV1 delivers. Valid ID lets a smartcard reader effectively help verify that the sensitive access control data programmed to a card or tag is indeed genuine and not counterfeit.

Two-factor authentication.
Two-factor authentication.

Role of the access control provider

First of all, when considering any security application, it is critical that the access control provider needs to realistically assess the threat of a hack to a facility. For example, if access control is being used merely as a convenience to the alternative of using physical keys, chances are the end user has a reduced risk of being hacked. However, if the end-user is using their access system as an element of their overall security system because of a perceived or imminent threat due to the nature of what they do, produce or house at their facility, they may indeed be at higher risk and they should consider methods to mitigate the risk of a hack. Here are a few steps that may be considered in reducing the danger of hacking into a Wiegand-based system.

• Install only readers that are fully potted. Potting is a hard epoxy seal that does not allow access to the reader’s internal electronics from the unsecured side of the building. An immediate upgrading is recommended for readers that fail to meet this standard.

• Make certain the reader’s mounting screws are always hidden from normal view. Make use of security screws whenever possible.

• Embed contactless readers inside the wall, not simply on the outside, effectively hiding them from view. Or, if that is not possible and physical tampering remains an issue, consider upgrading the site to readers that provide both ballistic and vandal resistance.

• Make use of reader cable with a continuous overall foil shield tied to a solid earth ground in a single location. This helps block signals from being induced onto the individual conductors making up the cable as well as those signals that may be gained from the reader cable.

• Deploy readers with a pig tail, not a connector. Use extended length pig tails to assure that connections are not made immediately behind the reader.

• Run reader cabling through a metal conduit, securing it from the outside world. Make certain the metal conduit is tied to an earth ground.

• Use the ‘card present’ line commonly available on many of today’s access control readers. This signal line lets the access control panel know when the reader is transmitting data.

• Provide credentials other than those formatted in the open, industry standard 26-bit Wiegand. Not only is the 26-bit Wiegand format available for open use, but many of the codes have been duplicated multiple times. Alternatives can include ABA Track II, OSDP, RS-485 and TCP/IP.

• Offer the customer cards that can be printed and used as photo badges, which are much less likely to be shared.

• Employ a custom format with controls in-place to govern duplication.

• Offer a smartcard solution that employs sophisticated cryptographic security techniques, such as AES 128-bit.

• Make available non-traditional credentials with an anti-playback routine, such as transmitters instead of standard cards and tags. Long-range transmitters offer the additional benefit of not requiring a reader be installed on the unsecure side of the door. Instead they can be installed in a secure location, such as the security closet, perhaps up to 70 m away.

• Offer a cutting edge, highly proprietary contactless smartcard technology such as Legic advant.

• Provide two-factor readers, including contactless and PIN technologies. Suggest users roll PINs on a regular basis. If required, offer a third factor, normally a biometric technology (face, fingerprint, voice, vein, hand, etc.).

Long-range reader.
Long-range reader.

Adding encryption to access control

One aspect of securing a card’s information is to make the internal numbers unusable; they must be encrypted. To read them, the system needs access to a secret key or password that provides decryption.

Today, 13,56 MHz smart cards are used to provide increased security compared to 125 kHz proximity cards. One of the first terms you will discover in learning about smart cards is ‘MIFARE’, a technology from NXP Semiconductors. MIFARE enables two-way communications between the card and the reader.

The newest of the MIFARE standards, DESFire EV1, includes a cryptographic module on the card itself to add an additional layer of encryption to the card / reader transaction. This is amongst the highest standard of card security currently available. MIFARE DESFire EV1 protection is therefore ideal for sales to providers wanting to use secure multi-application smartcards in access management, public transportation schemes or closed-loop e-payment applications.

For integrators, protecting your customers’ organisation(s) from hackers is imperative. With knowledge of what hackers seek and the remedies available to thwart them, anti-hacking specifications are now mandatory. For additional help, ask your manufacturer for their cybersecurity vulnerability checklist.

Scott Lindley is a 25+ year veteran of the contactless card access control industry. He is general manager of Farpointe Data, an OEM for cards and readers. He can be contacted at scott.lindley@farpointedata.com


  Share via Twitter   Share via LinkedIn      

Further reading:

  • 2019 Internet of Things (IoT) Barometer
    March 2019, This Week's Editor's Pick, Integrated Solutions, IT infrastructure
    A majority of businesses that use IoT technology agree that it has either disrupted their industry or will do so in the next five years.
  • Ideal operating temperature?
    March 2019, Leaderware, Technews Publishing, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring
    Walk into any CCTV control room in South Africa, whether in the middle of a heat wave or mid-winter, and you will probably see a number of operators wearing jackets, some huddled over slightly in an attempt to get warm.
  • Halt, who goes there?
    March 2019, Technews Publishing, Wolfpack Information Risk, This Week's Editor's Pick, Cyber Security
    As long as organisations treat their physical and cyber domains as separate, there is little hope of securing either one.
  • Using security to enhance the customer experience?
    March 2019, Axis Communications SA, Fidelity ADT Security, ISDS, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Integrated Solutions, Security Services & Risk Management, Retail (Industry)
    Customer experience will overtake price and product as the key retail brand differentiator by the year 2020. Will the security industry be part of this transformation?
  • Intelligent video transforms the ­in-store experience
    March 2019, Hikvision South Africa, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Integrated Solutions
    The customer experience is more important than ever as retailers are striving to ­differentiate themselves in a challenging and crowded market.
  • Enabling smarter cash handling solutions
    March 2019, Technews Publishing, Cash Connect, This Week's Editor's Pick, Asset Management, EAS, RFID
    Modern retail cash management has evolved so far from the old ‘dumb’ safe that it has become an essential enabler of today’s business.
  • IoT is convergence in action
    March 2019, Gijima Electronic and Security Systems (GESS), NEC XON, Technews Publishing, Axiz, G4S South Africa, This Week's Editor's Pick, Cyber Security, Integrated Solutions, IT infrastructure
    The Internet of Things gains more than enough attention these days, but the IoT demonstrates the reality of the convergence between the physical and cyber worlds, and physical security is part of it.
  • Changing the security landscape
    March 2019, Technews Publishing, This Week's Editor's Pick, News, Security Services & Risk Management
    Using smart technology and an intelligent platform, Aura has a vision to reduce crime in South Africa by 50% by 2025.
  • New cybersecurity pavilion for Securex 2019
    March 2019, Securex South Africa , This Week's Editor's Pick, Cyber Security, News, Conferences & Events, Training & Education
    Securex South Africa 2019 has announced that 4Sight Technologies, a subsidiary of an international holdings company focusing on investing in Industry 4.0 companies, has signed on as the official sponsor ...
  • Secutel partners with Matrix Comsec
    March 2019, Secutel Technologies, News, CCTV, Surveillance & Remote Monitoring, Access Control & Identity Management
    Secutel Technologies announced it is the exclusive distributor of Matrix Comsec access control products and IP video management software in South Africa. Established in 1991, around 40% of Matrix’s ...
  • Countering the threats of retail ­terrorist vehicle attacks
    March 2019, This Week's Editor's Pick, Access Control & Identity Management, Security Services & Risk Management, Retail (Industry)
    Bollard systems operate individually or in groups and are aesthetically pleasing and let pedestrians move between them in non-roadway applications.
  • Shopping with your face
    March 2019, ZKTeco, Retail (Industry), Access Control & Identity Management
    Facial recognition is being used in many businesses to verify payments, grant access and improve existing security systems.

 
 
         
Contact:
Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Other
Terms & conditions of use, including privacy policy
PAIA Manual
         
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.