Leave a comment

Security key flaw allows hackers access to your hotel room

Security key flaw allows hackers access to your hotel room
© Ekostsov | Dreamstime.com

These days, most hotels you stay in will not give you an actual key to get into your room. Instead, you will get a card that is registered to your room.

You then find your room, put the card into the reader and voila, the door unlocks. It's a pretty simple process, and it creates less stress because if you lose the card it can be deactivated while another one can easily be made.

It's a great technology that has made living away from home easier, but it has the same downside as most things that rely on technology. That is, there will always be people trying to take advantage of it.

That's right, the keys can be hacked

International cybersecurity firm, F-Secure, discovered a design flaw located in the software for electronic keys that were produced by the company, VingCard. One of the leaders in providing electronic locks and key cards for hotels all over the world, their products are found in more than 40,000 buildings in up to 166 different countries.

Estimate how many doors each of those buildings have and you'll have an idea of just how bad this could be.

If this news surprises and disturbs you, understand that hackers have long gone after hotel key cards. However, this latest problem is different because it allows a hacker to create a master key for an entire building within minutes as long as they have a regular hotel room key.

Worse, the key they use does not even have to be active. As long as the hacker uses VingCard's Vision software, doors will be opened for them.

Along with doors, access to the software could lead criminals to customer information or give them the ability to create and/or modify guest entries.  Researchers showed how quickly an attack can happen and give hackers access to even restricted floors. It's pretty frightening because of how easy it was to execute.

Now what?

Since discovering the flaw, F-Secure says VingCard has been very open about dealing with them in trying to solve the problem. A patch has been created to help with VingCard, but F-Secure wants this to be a warning. It said that key cards are not exactly the most secure way to manage hotel room access.

Hackers have often taken advantage of hotel employees, whose cards can access any room in the building. Keys that use RFID, or electromagnetic fields, can be easily duplicated by someone who is just walking by if they have an RFID reader concealed somewhere with them, like in a bag.

What happens then is the card's response to the reader is recorded before being copied later, either onto a card or some other device that can act as such.

Hackers are after your online bank account, too

Any time a new hack is discovered, it is imperative that we understand what it is and how to defend ourselves. In this case, the hack is trying to take a new-age approach to one of the oldest crimes in the book. Click here to learn more.

Next Story
Source: Gizmodo
Test your smarts; Can you pass a Mensa intelligence test?
Previous Happening Now

Test your smarts; Can you pass a Mensa intelligence test?

Fake Mark Zuckerbergs are scamming Facebook users out of cash
Next Happening Now

Fake Mark Zuckerbergs are scamming Facebook users out of cash

View Comments ()