Understanding cybersecurity can be challenging. Although cyber threats such as data theft and financial fraud represent serious business concerns, physical threats often evoke more fear due to their tangible nature. With the boundaries between physical and digital security becoming increasingly blurred, innovative criminals are adopting methods to attack businesses on all fronts. A strategy that tackles the convergence of physical and digital risk is therefore imperative.
The physical threat posed by cybercrime
The intersection of the physical and virtual worlds is an underexplored and misunderstood grey area – but with very real risks. Consider the example of Saflok, the electronic door keycard system used in hotels worldwide. Hackers found a flaw in the lock software, compromising over three million locks across 13,000 locations in 131 countries. Alarmingly, this vulnerability was identified two years ago. This highlights a common issue in cybersecurity: the significant costs and resources needed for a complete overhaul often cause delays. In today’s cyber environment, breaches are inevitable; the only uncertainty is when they will happen.
The flaw in Saflok’s system allows anyone to create a counterfeit keycard capable of unlocking any door connected to the system. The process is surprisingly simple, requiring only an expired or existing room keycard. Labelled as ‘Unsaflok,’ the flaw involves manipulating the encryption algorithms of the keys.
Though this issue affects only one manufacturer’s lock, its widespread use makes hotels vulnerable worldwide. Addressing the problem is a daunting, time-consuming task that involves updating software on each lock individually, as well as replacing keycards and encoders. So, it’s no quick fix.
The perils of procrastination
Organisations must invest in cybersecurity; the cost of inaction could be immense. For instance, if a single room is accessed illegally, resulting in theft or a more ..
Support the originator by clicking the read the rest link below.
