The corona pandemic has asked companies around the world how they can change the way their offices work in order to ensure safe collaboration even in the age of social distancing. One guideline for this, which is implemented by many companies, is the installation of hands-free access controls at company entrances in order to reduce employee contact with potentially contaminated surfaces.
Of course, managing access controls requires powerful tools to authenticate quickly and efficiently. Many companies use edge computing devices for this purpose.
Edge computing is a relatively new term, meaning that higher performing resources are placed closer to the devices at the "edge" of the network (such as IP cameras capturing images for access control) to reduce delays and improve efficiency to increase. In contrast, in a cloud-oriented Internet of Things (IoT) system, many energy-saving devices at the edge of the network collect data and send it to a cloud solution, which processes the data and issues commands. Edge computing devices are already in use in many different industries - trucks are equipped with devices that monitor and maintain the temperature and environment, automation systems in factories are starting to deploy high-performance devices, and even modern elevators have edge computing solutions installed.
How secure are access control devices?
Access control devices manage entrances and exits for the premises of a company. As mentioned earlier, many companies are looking for contactless access solutions, especially edge devices for facial recognition or small devices like RFID cards. These devices act as a first line of defense to keep intruders out of offices, which can be exposed to many different types of attack.
But there are several ways an intruder can trick or hack access control devices with facial recognition:
Use of static images
Some of these access control devices also accept static recordings, such as a picture on a cell phone. This is a critical weakness as personal photos are available on social media. If an attacker knows the name of an employee of the targeted company, they may be able to find clear photos of their face on the Internet.
Some access control devices also accept static recordings, such as a picture on a cell phone.
Use of product information on the device
Important information is printed directly on many devices, for example serial numbers or manufacturer names. Hackers can use this information to gain further access to the devices, possibly to steal the password and manipulate the door control.
Use of exposed connections
Access control devices are often tablets that have connections for transmitting information or power. Many have solid cases that protect the devices from tampering, but there are a few where the ports are exposed. If a USB port is left exposed, hackers could gain access to the door controls. You would also be able to dig deeper into the device and download data such as pictures and usernames, or add a new user to the device and grant them access to the company premises.
Overhear communication
Most access control devices are connected and managed via a server and customer-specific software from the manufacturer. Communication between the device and server can be easily intercepted and tampered with if it is not encrypted or secured, allowing a threat actor to collect data such as images and information from the user. In addition, a hacker can impersonate the server and force updates on the devices and add new users or install new administrators for the device.
Device security
Compared to ordinary smart devices, edge computing devices are more powerful and can even contain valuable data. Access control devices, in particular, play an important role in corporate security, and a successful attack can have serious consequences. To help companies contain such attacks, Trend Micro has a few recommendations for securing these devices:
- Check whether connections are exposed and make sure that communication is safe. Cybersecurity must be paramount when choosing an access control device.
- Since many of these devices are equipped with widespread hardware and software, a company should always have the vulnerabilities affecting their devices under control and install the latest security updates as soon as they are available.
- Access control devices are usually placed in public areas. It is important to physically secure the device to ensure that no one can access ports or see sensitive information printed on the device.
- Companies should also install endpoint protection on devices to protect them from vulnerabilities and cyberattacks. Products with deep packet inspection capabilities, such as Trend Micro Deep Discovery Inspector ™, can prevent an attacker from attempting to impersonate the edge device or server. These network monitoring systems can also detect and prevent unauthorized network traffic from unknown network endpoints.
More on this in the blog at Trendmicro.com
About Trend Micro As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.