Electronic Lockers Vulnerable to Hacking
Recent research has revealed that electronic lockers found in gyms, offices, and schools may be at risk of being compromised by cybercriminals using inexpensive hacking tools to access administrator keys. At the Defcon security conference, security researchers demonstrated a proof-of-concept attack that showed how digital administrative keys could be extracted from lockers and used to gain unauthorized access to additional storage lockers produced by Digilock and Schulte-Schlagbaum.
Understanding Electronic Lock Vulnerabilities
The researchers purchased electronic locks from various sources and analyzed models dating back to 2015. By breaking open the locks and extracting the firmware and stored data, they were able to identify security flaws that could be exploited by hackers. This data often included PIN codes, administrative keys, and program keys, which could then be copied and used to open other lockers.
Response from Lock Manufacturers
After discovering these vulnerabilities, the researchers reported their findings to the affected companies. Digilock responded by releasing fixes for the vulnerabilities, while Schulte-Schlagbaum did not address the issue. The potential consequences of these security flaws are significant, as unauthorized access to electronic lockers could have widespread implications for businesses, schools, and other institutions.
Overall, the research highlights the importance of addressing vulnerabilities in electronic lock systems to ensure the security of valuable assets and sensitive information.
