Hackers may exploit vulnerabilities in high-security electronic locks by monitoring their power usage, allowing them to break into everything from automated teller machines to pharmacies and government facilities, Mike Davis, a specialist with the independent security firm IOActive, told Reuters on Wednesday.
He referred to the results of his research, which was completed last year and is due to be presented at the annual Def Con hacking conference in Las Vegas on Friday.
Davis said that he had already notified US government officials and the Swiss company DormaKaba Holding (DOKA.S), the distributor of multiple brands of sophisticated locks, of the vulnerability.
He explained that during the research, he specifically used an oscilloscope, a device designed for exploring the parameters of an electric signal. Davis said that thanks to oscilloscope, he managed to detect small changes in the power consumption of a high-security lock.
“I can download that analogue signal and parse through the power trace to get ones and zeroes. I know what the lock is doing internally,” he said.
Davis added that due to the presence of a separate power source for each lock, they even work when electricity is turned off. The hacking is carried out by determining the sequence of binary code data transmitted by the device to open the lock, according to Davis.
He recalled that some of these state-of-the-art locks are used at military bases, government offices and even on the US presidential jet Air Force One.
DormaKaba has meanwhile claimed that they had hired an independent firm to investigate Davis’ findings and that “these investigations indicate that our current safe-lock product lines perform as intended in a real life environment.”
As far as old models are concerned, the company argued that “there have been no reported events in the field to suggest that current or prior year models have presented security issues in real-world environments”.
Davis’ findings come after the website Techcrunch cited security researchers Chase Dardaman and Jason Wheeler as claiming in a study that they had discovered several security flaws which, “when chained together, could be abused to open a front door” with a sophisticated Zipato smart hub lock.
Zipato said in turn that it has a total of 112,000 devices in 20,000 households, and that the exact number of vulnerable hubs has yet to be revealed.