Hackers Design A “Master Key” to Unlock Millions of Hotel Room Doors
Carly Zinderman June 09, 2018
Tomi Tuominen and Timo Hirvonen, who work for international cybersecurity firm F-Secure, have uncovered a flaw in electronic hotel doors that leave them open to hackers. To resolve the issue, the duo are now going door-to-door to hotels across the world, according to Gizmodo.
A design flaw in the software of electronic keys produced by VingCard has been detected in as many as 166 countries at over 40,000 buildings. Hijacking and cloning hotel room keys is nothing new. The latest vulnerability allows hackers to create a Master Key in mere minutes that can access all the rooms in a building by using a hotel room key—even one that has expired.
Tuominen tells Gizmodo that hackers can use any key: your room key, a cleaning staff key, even to the garage or workout facility key—even a key you are carrying in a pocket on an elevator ride.
Cracking hotel room keys began in 2003 after a hacker conference in which a conference goer’s laptop was stolen from their hotel room—but with no signs of forced entry. Since then, it has become relatively simple for hackers to clone hotel staff keys that are equipped with RFID, or electromagnetic fields by walking by with an RFID reader. A clone card can then later be recreated.
The problem with the latest hack is that a clone card can be created with any card that uses VingCard’s Vision software, which is the software used by millions of hotel rooms around the world.
Hotels are currently working on resolving the issue, so the exact details of how a card is cloned are not readily available. The hospitality industry tends to be a popular target for hackers and the latest hack also makes customer information and data exploitable.
The firm is currently urging all hotels that use Vision to reach out and patch up their system to help protect guests identity and information.
Actually, "Hacker" is exactly the right word. It originally referred to hardcore computer enthusiasts and their subculture. The media has taken the word "Hacker" and used it as a synonym for "Criminal", but that is incorrect.
Not sure about the other claims but RFID tags very generally cannot be read out remotely (with the exception of the data that is meant to be revealed). They can merely be challenged to give a response.
After being in the hospitality industry for a major part of my life, room key access and controlling that access has never been foolproof. It doesn't surprise me that anyone has figured out how to re-create a master key using an existing key--it's probably as simple as cloning the card and then changing the card type and expiration date. This would probably even work on the older 2100 series mag stripe locks as well. Now, that being said, there is a log in each lock of the last 100 operations and by which key. So while someone may be able to clone a key or create one and get in and out, it's definitely traceable. The logs cannot be erased even by reprogramming the lock (at least on the 2100 series). The only way this information would not be accurate is if the ecm from the lock is swapped to another which would only be done by maintenance, and by someone that really knows these locks (again, 2100 series). If you really want to do some damage, social engineering hacking is where most companies are most vulnerable, hotels included. One of the worst is how all registered guest information is now verbally communicated at check-in in full earshot of anyone else present versus the registration cards of years past. This has dangers that extent well-beyond just hacking and enters the realm of identity theft.
I agree that "hackers' is not the right word to describe the worlds leading security consultants from F-secure Finland. There is nothing in this article that states they are "hackers" ; something that "finflyer" wrongly commented. After all it is NOT these two folks that designed a "Master Key" to unlock the doors of millions of hotel rooms. Good article and I am glad to see these two folks doing there best to point out the issues with VingCard keys used by hotels all over the world.
They found a new foolproof way to solve the problem its called a metal key :)