Attackers can crack high-security electronic locks used on ATMs, on pharmacy display cases, in government organizations, etc. by measuring their power consumption. According to Reuters, last year IOActive researcher Mike Davis discovered a vulnerability in locks supplied by the Swiss company DormaKaba Holding. Using a $5K oscilloscope, Davis measured the minimal changes in the devices' electricity consumption and carried out a side-channel attack.
The locks Davis studied are equipped with a built-in battery, so they can work even when disconnected from the electricity supply. Most devices consume exactly as much electricity as they need to work and do not disguise their activity behind power spikes. This paves the way for a side-channel attack, Davis explained.
“I can load an analog signal and convert power signals to ones and zeros. I know what’s going on inside the lock,” the researcher said.
Some DormaKaba-supplied lock models of the X-10 series (not the most recent) are used at US military bases, on presidential jets, and in government organizations. According to Davis, these models are vulnerable to side-channel attacks that make it possible to crack the devices using power consumption data.
Davis talked about his finding at the Def Con USA 2019 conference, which is now taking place in Las Vegas. Eric Elkins, the president of Kaba Mas, a DormaKaba subsidiary and the manufacturer of the X-10, declined to comment on the issue without seeing the researcher's presentation. However, Elkins noted that if the attack works, it could endanger classified information.
“It would be right to turn to the government, and not to a handful of amateur hackers, or whatever you like to call them,” Elkins added.
Davis notified DormaKaba of the problem, and the company hired specialists to study the issue.
“As the results of the investigation showed, our current line of secure locks in a real environment works as expected,” DormaKaba said.