This weekend, we managed to uncover significant security gaps in the access cards used in a hotel. This discovery sheds light on a widespread problem: although many companies and institutions use modern card readers, they neglect to regularly update their reading procedures. Often, replacing access cards is seen as too cumbersome or costly. The result? Outdated access cards remain in use, posing significant security risks. What is particularly worrying is that these vulnerabilities can be exploited with simple means.
A good example of this is the Flipper Zero – a device that looks like a toy at first glance, but actually has impressive capabilities. With this device, outdated cards and reading methods, such as Mifare Classic, can be read and copied in just three steps. This makes it possible to gain unauthorised access to protected areas.
An investigation by FutureZone shows the extent of this problem: according to the report, 3 million doors in 16,000 buildings worldwide that use access control systems from a well-known manufacturer are affected. You can find the full article here: FutureZone article.
However, we assume that these figures are just the tip of the iceberg. The actual number of compromised access control systems is likely to be significantly higher, as the problem is not limited to hotel systems and is not exclusive to one manufacturer.
What about the security of access control systems in our company?
Companies should regularly review their security infrastructure and ensure that it is up to date. Outdated systems offer attackers an easy way to gain access. It is our responsibility to take proactive measures to ensure the security of our access control systems. It is time to identify potential security gaps and critically scrutinise the technologies used. Only through regular updates and the use of modern, secure procedures can we ensure that unauthorised persons do not gain access to sensitive areas.
