In last July, an employee at google found a way to trick doors of the tech giant’s Sunnyvale offices to open without the need of an RFID keycard. This hacking was done my David Tomaschik and was done with good intentions.
He sent the malicious code across the Google network and was able to see the lights on the door to his office turn from red to green. The locks got opened and Tomaschik had revealed vulnerabilities in technology made by Software House, the creator of the office controllers managing the physical security of the California site.
Tomaschik discovered about the vulnerability when he checked the encrypted messages which the Software House devices (called iStar Ultra and IP-ACM) were sending across the Google network. He found out that these messages were non-random and if they were properly protected they were supposed to be random. He was fascinated and on further investigation he discovered that a “hardcoded” encryption key was used by all Software House devices. This means that he could efficiently duplicate the key and forge commands, probably asking the door to get unlocked.
He also found that he was able to do all these without any record of his actions. He was able to prevent authorized Google employees from opening doors. Based on his discovery Google acted quickly to prevent attacks on its offices.
A Google spokesperson reported that there was no evidence of the doors being exploited by any attackers. The iStar v2 Board now uses a more satisfactory form of encryption, known as TLS, which could fix the issue to some extent. Meanwhile, Google has segmented its network in order to provide protection for the vulnerable systems still in its properties.
Still problem remain for those who use the vulnerable Software House tech. Software House had come up with solutions to fix the problem even though to switch to TLS it would require a hardware change at the customer site. This is due to the reason that the Software House systems didn’t have enough memory to cope with the installation of new firmware.
Tomaschik said to Forbes that the defective Software House tech was likely to be deployed widely, inside and outside Google, as only a very few companies make such office controls. That means that all manner of other businesses could be open to attack by hackers-turned-robbers.