Risks of a legacy access control system
Is your access control system putting your security infrastructure at risk? Learn about the impact of legacy access control systems and find out how to protect your organization.
For years, the main function of an access control system (ACS) was to securely manage access and cardholder rights. Today, it can do so much more.
The access control space is changing fast with technologies like cloud solutions, biometrics, and mobile credentials. Today, access control systems can handle visitor management, integrate with IIoT devices for automation, provide enhanced data analytics, and offer personalized experiences by integrating employee databases. They play a crucial role in emergency response and help ensure regulatory compliance with audit trails and secure storage.
These innovations offer better security and convenience but can’t be supported by older systems. Keep reading to explore how upgrading your access control system can help ensure compatibility with the latest technologies and enhance overall security – not to mention a better user experience.
WHITE PAPER
How IIoT is impacting access control systems
New technologies have increased interconnectivity between security systems as part of the industrial Internet of Things (IIoT), allowing cybercriminals ways to threaten an organization’s entire network using your access control system as an entry point.
Most access control systems today are internet protocol (IP) based, meaning they connect to a network through the internet. This can provide added benefits that a traditional access control system cannot, like the ability to scale up easily or collect large amounts of useful data to enhance security and operations.
Legacy access control, on the other hand, can be tied to an organization’s network as part of their physical security system, but they lack the cybersecurity features necessary to defend against the evolving cyber threats that emerge each year. Although these legacy systems might appear sufficient for employee badge-in and badge-out processes, they are susceptible to cyber threats because of their outdated technology.
BLOG
Common cybersecurity threats to access control systems
As cyber threats continue to evolve and the IIoT expands, cybercriminals can navigate through a compromised network to take control of other security systems or access personal information from internal records. Here are some common cybersecurity threats related to access control:
Skimming and relay attacks |
Criminals use readers to obtain and clone information on the badge itself without the consent of the owner. Source skimming involves a malicious actor modifying the reader by adding an extra physical layer, which enables them to record all interactions and clone the card.
Relay attacks |
A relay attack occurs when a criminal positions a transmitter near a reader and a credential, enabling them to mimic the credential. This technique is similar to those used in car theft. By employing these methods, criminals can gain unauthorized access to a facility without any approval.
Tapping |
Tapping happens when a criminal intercepts the data transmitted between the reader and the controller. Typically, they will remove the reader from the wall and connect it to the wires using a low-cost device readily available online. This setup allows them to log and replay card reads, usually through Wiegand output, though it can also affect OSDP. While OSDP can be configured for security, it can still be vulnerable if the secure channel isn’t enabled or if default keys are used for pairing.
BLOG
Controller attacks |
Like any other device, an access control system can be vulnerable to attacks that might allow a hacker to gain control of the device, impersonate it, or access unauthorized information. Once the hacker has access, they could manipulate door controls and launch a denial-of-service attack to prevent access and disrupt operations. In a production facility, this could lead to significant financial damage.
This underscores the importance of applying proven IT practices, including a layered approach to cybersecurity and standard encryption protocols. Standard encryption is well-established with other network devices and benefits from a larger community, which enhances the likelihood of quickly identifying and patching vulnerabilities. Proprietary protocols may delay issue detection and lack the broader support needed for rapid resolution.
Man-in-the-middle attacks |
In a man-in-the-middle attack, a cybercriminal gains access to a network to glean information exchanged between devices, such as door opening codes or device logins and passwords.
The impact of a vulnerable access control system on your network
Your physical security system is only as strong as its weakest link. This is why a cybercriminal who breaches a legacy access control system can also gain control over the other systems connected to your network. Traditionally, this wasn’t an issue, but greater interconnectivity between systems has made it easier for threat actors to use a vulnerable access control system as an entry point for your entire database.
Once a threat actor gains access to your network through the access control system, you risk losing control of essential security systems, like your video management system, for example. Other connected systems are also vulnerable, like the heating, ventilation, and air conditioning (HVAC) or elevator systems, which could be used to cripple security and operations if breached.
BOOKMARK IT
Network breaches are putting your data at risk
Once a network has been breached, all data becomes vulnerable, including sensitive information stored internally. Threat actors often look to move around a breached network to search for information that will generate the most financial gain. This usually leads them to valuable data like personal information about employees or customers or private financial data relating to your organization.
As cybercriminals continue to search for ways to access security systems and sensitive data, an unsecured legacy access control system lacks the features to defend against an evolving number of cyber threats in the fast-changing threat landscape. According to the Global Risks Report 2023 from the World Economic Forum, cybersecurity will remain a constant concern, and there will be a continued risk in the years to come from attacks against technology-enabled resources and services.
Vulnerabilities can arise at multiple levels within an access control system, including credentials, controllers, servers, and workstations. At the credential level, weak or compromised access cards can be exploited. Controllers, which handle access and permissions, may be targeted through attacks on their configuration or firmware. Servers responsible for processing and storing access data can face breaches that expose sensitive information. Workstations used for security management can also be vulnerable to malware or unauthorized access, compromising the entire system. Ensuring robust security requires addressing vulnerabilities at each of these critical points.
How your access control system can enhance cybersecurity
Modernizing your physical access control can open up numerous opportunities and significantly boost your cybersecurity posture. With a wave of innovative technologies entering the market, some are emerging as clear leaders. Our latest State of the Physical Security Report highlights that access control remains the top investment priority for IT and physical security teams for the second consecutive year.
Cybersecure solutions like IP access control, network access control, and cloud-based access control are at the forefront of modern security. IP access control utilizes internet protocols to manage and monitor access, offering precise control and detailed logging of entry points. Network access control enforces access rules based on security policies, ensuring only authorized devices can connect.
BLOG
Cloud-based access control uses cloud technology to manage credentials and permissions, providing scalability, real-time updates, and strong data protection. These advanced systems enhance cybersecurity by allowing more detailed control, real-time monitoring, and quicker responses to threats.