Macro Systems Blog
Forget Backdoors, Hackers Can Now Infiltrate Garage Doors
Hackers have proven that they will do whatever it takes to get to your valuable assets, even if it means taking advantage of physical objects that work alongside a specific frequency. As it turns out, this is exactly how hacking a garage door works, and all it takes is a decade-old communications device to capture the frequency and unlock any garage door that utilizes it.
The contraption used to hack garage doors is built from a discontinued Mattel toy from 2007: the IM ME. The IM ME is a supposedly secure wireless instant messaging system that works similar to a mobile phone. It was meant to be a kid-friendly, secure alternative to a mobile phone for texting. The IM ME stores an address book for other users of IM ME, and used an Internet connection to communicate with each other. If you look at it now, you wouldn't be surprised to hear that it’s no longer supported and that it has no place in today’s computing world. Smartphones are largely more efficient and dynamic as communication tools.
Just last year, it was discovered that the IM ME could be turned into a device that can hack into any garage door that’s using an unsecured fixed code transmitted from a remote, rather than one which uses a “rolling code” that changes with every button press. This flaw was discovered by Samy Kamkar, an independent developer and technology consultant, who then proceeded to exploit the flaw to demonstrate its danger. He built the device using the IM ME as a base model, then added a simple antennae and open-source hardware attachment.
Kamkar, calling his device OpenSesame, explains that his device works differently from what are called “code grabbers.” An ordinary code grabber will snatch the code from the garage door button when it’s pressed, and reuse it to open the door at a later time. This requires the hacker to be present when the button is pressed (similar code grabbers also exist for automobile key fobs, which is a pretty scary concept on its own). OpenSesame can accomplish this same goal without being near the user, which makes it much more dangerous.
The most dangerous part of this hacking experiment is the fact that any hacker can walk up to a vulnerable garage door and have it open in around eight seconds. As reported by WIRED:
Using a straightforward cracking technique, it still would have taken Kamkar’s program 29 minutes to try every possible code. But Kamkar improved his attack by taking out wait periods between code guesses, removing redundant transmissions, and finally using a clever optimization that transmitted overlapped codes, what’s known as a De Bruijn sequence. With all those tweaks, he was able to reduce the attack time from 1,771 seconds to a mere eight seconds.
If you’re curious about how Kamkar’s device works, you can watch this video to see the device in action. Furthermore, if you want to see if your own garage door is vulnerable, you can view this video where he goes into detail about which doors are vulnerable, and why.
This more than proves the fact that hackers engage in some dangerous and unpredictable acts, and that the Internet of Things continues to be a major reason for this. With so many more devices connecting to the Internet and communicating with each other with near-field communications and Bluetooth, the situation could very quickly turn into a nightmare scenario for your business. If your network isn’t prepared to handle the dangers and threats that come from unregulated Internet of Things devices, it’s a very real possibility that your organization could suffer a data breach or worse. It’s your responsibility to ensure that you aren’t putting your business at risk.
Macro Systems can give your business a quality network assessment that can help your team accomplish its security-oriented goals. To learn more, give us a call at (703) 359-9211.
Comments