If you thought your electronically secured hotel room was safe, think again – because security experts have revealed that electronic lock systems found in global hotel chains can be hacked, allowing thieves to break into rooms without a trace.
The revelation comes from a group of researchers who hacked a lock system to produce a master key card that could open any door in the building.
It has raised fears that thieves could exploit these systems to make room key cards ‘out of thin air’.
Electronic lock systems found in global hotel chains can be hacked, allowing thieves to break into rooms without a trace, researchers revealed
The research was conducted by Finland-based cyber security company F-Secure, which showed how they hacked a system called the Vision by Ving Card made by the world’s largest lock manufacturer, Assa Abloy. It’s a system that’s used to secure millions of hotel rooms around the world.
The hack involved taking an ordinary electronic key card and using a small hardware device to read the information on it to produce multiple keys to the hotel.
These were then tested against multiple locks and within minutes the device was able to generate a master key that could open any door in the building.
The researchers said that even an expired key from a stay five years ago will work, along with cards that are used to access utility spaces such as garages or closets.
HOW THIEVES CAN HACK ELECTRONIC LOCK SYSTEMS
First they need to obtain an ordinary electronic key – even one that’s long expired, discarded, or used to access spaces such as a garage or closet.
They then read the key and use a small hardware device to derive more keys to the hotel.
These derived keys can be tested against any lock in the hotel and within minutes the device is able to generate a master key to the facility.
The device can then be used in place of a key to bypass any lock or alternatively to overwrite an existing key to contain the newly created master key.
Although F-Secure stressed that during the research no hotel rooms were actually broken into and that the attack tools were not made available, Tomi Tuominen, the practice leader at F-Secure, said: ‘You can imagine what a malicious person could do with the power to enter any hotel room with a master key created basically out of thin air.’
He added, however, that he didn’t know of any group performing this attack in the world right now.
The researchers’ interest in hacking hotel locks was sparked a decade ago when a colleague’s laptop was stolen from a hotel room during a security conference.
When the researchers reported the theft, hotel staff dismissed their complaint given that there was not a single sign of forced entry, and no evidence of unauthorised access in the room entry logs.
The researchers decided to investigate the issue further, and chose to target a brand of lock known for quality and security.
It took a thorough understanding of the whole system’s design to identify small flaws that, when combined, produced the attack.
The research took several thousand hours and was done on an on-and-off basis, and involved considerable amounts of trial and error.
There are fears that thieves could exploit electronic systems to make their own key cards ‘out of thin air’
Timo Hirvonen, Senior Security Consultant at F-Secure added: ‘We wanted to find out if it’s possible to bypass the electronic lock without leaving a trace.
‘Building a secure access control system is very difficult because there are so many things you need to get right.
‘Only after we thoroughly understood how it was designed were we able to identify seemingly innocuous shortcomings. We creatively combined these shortcomings to come up with a method for creating master keys.’
F-Secure notified Assa Abloy of the findings and has collaborated with the lock-maker over the past year to implement software fixes and updates have been made available to affected properties.
Mr Tuominen explained: ‘I would like to personally thank the Assa Abloy R&D team for their excellent cooperation in rectifying these issues.
‘Because of their diligence and willingness to address the problems identified by our research, the hospitality world is now a safer place. We urge any establishment using this software to apply the update as soon as possible.’