Gym Lockers: Easy Targets for Hackers, New Research Shows
A new report reveals a concerning vulnerability impacting thousands of electronic lockers commonly found in gyms, offices, and schools. Researchers at the Defcon security conference demonstrated how cheap hacking tools can be used to extract administrator keys, potentially granting access to all lockers in a facility.
Vulnerable Systems: The research, conducted by Dennis Giese and "braelynn," focused on electronic lockers manufactured by two of the world’s leading companies: Digilock and Schulte-Schlagbaum. Their findings highlight a worrying trend across diverse security systems, as previous studies have exposed similar vulnerabilities in hotel door locks, high-security locks, and even commercial safes.
The Hack: The researchers, both with extensive experience in lock-picking, purchased used electronic lockers from various sources, including those sold after gym closures during the COVID-19 pandemic. By disassembling the locks, they were able to access the device’s firmware and stored data, including PINs, management keys, and programming keys.
"If you access one lock, we can open all of them in whatever the unit is—the whole university, the whole company," explained Giese. "We can clone and emulate keys very easily, and the tools aren’t that complicated."
Simple Tools, Big Impact: The accessibility of the hack is alarming. The researchers used readily available and affordable tools like the Flipper Zero and Arduino circuit boards to replicate the extracted keys and unlock other lockers within the same system. The ease with which these tools can be used underscores the potential for malicious individuals to exploit this vulnerability.
Unsecured EEPROM: Accessing the sensitive data was possible because of an unsecured EEPROM (Electrically Erasable Programmable Read-Only Memory) in the tested locks. The EEPROM is not effectively protected, allowing attackers to pull programming key IDs, manager key IDs, and user PINs/RFID UIDs.
Mitigation and Responsibility: The researchers reported their findings to both Digilock and Schulte-Schlagbaum. Digilock has confirmed they’ve released a fix for the identified vulnerabilities. However, Schulte-Schlagbaum has yet to respond to the researchers’ reports or WIRED’s request for comment.
The Need for Action: This research serves as a stark reminder of the ever-evolving nature of cybersecurity threats. While manufacturers are taking steps to address vulnerabilities, responsibility also lies with individual organizations and entities managing these locker systems.
Here’s what organizations should do:
- Implement immediate updates: Organizations should ensure all electronic lockers are running the latest software updates provided by the manufacturers.
- Regular security audits: Conduct periodic security assessments to identify vulnerabilities and implement necessary safeguards.
- Proper password management: Encourage users to create strong and unique PINs for their lockers and minimize the reliance on default or easily guessable codes.
- Educate employees and users: Provide training on cyber security best practices to raise awareness and promote responsible locker usage.
- Invest in robust security solutions: Consider implementing multi-factor authentication and other security measures that enhance the protection of locker systems.
Beyond Lockers: This incident raises broader questions about the security of everyday devices. As technology becomes increasingly integrated into our lives, we must remain vigilant about the potential risks and prioritize security measures to prevent exploitation.
The Key Takeaway: Even seemingly simple devices like electronic lockers can become vulnerable targets for hackers wielding inexpensive tools. As technology evolves, the responsibility to safeguard data rests with both manufacturers and users. By prioritizing security measures and remaining aware of potential risks, we can collectively mitigate vulnerabilities and protect ourselves from cyberattacks.