Read Time:1 Minute, 42 Second
According to a recent study, consumer smart locks are vulnerable to hackers who could easily exploit the fingerprint feature to target specific consumers.
James Cook University Singapore published a study recently that demonstrated how an attacker could use some hardware and hacking skills to gather fingerprints using a smart lock hack called drop lock.
As Steven Kerrison states, the hardware problem of IoT smart locks is due to the limit placed on them by constrained experts. In contrast to high-end smartphones and tablets, low-end IoT devices such as commercial smart locks lack dedicated secure storage for fingerprints and other biometric information.
“These gadgets frequently include less powerful CPUs and cheaper sensors, and they do not provide the same level of protection as a smartphone,” wrote Kerrison in the paper.
This is usually seen as acceptable depending on the worth of the product or what the sensor is trying to protect.
Kerrison constructed a proof-of-concept device to show how easy it would be to attach to a smart lock over Wi-Fi and use an attack or debug interface. With this access, he could change the software code on the lock so that it collected and submitted fingerprint data. The other option is to take the lock apart and connect it directly to the controller using debugging pads already on board. In either scenario, it can provide fingerprint data that may be used against other biometric systems.
In reacting to the findings with TechTarget Editorial, Kerrison stated that a real-world attack would most likely be directed at a planned target for a set length of time rather than a random bulk credential gathering.
The attacker must be nearby, within Bluetooth range, to gather fingerprints while the lock is enabled. After acquiring the print data, hackers can use it to access other devices that have more advanced security measures.
This study warns those who use smart locks with fingerprint scanners. Before relying on this technology for security, it is essential to know the potential risks.
Happy
0 %
Sad
0 %
Excited
0 %
Sleepy
0 %
Angry
0 %
Surprise
0 %
0
0
