Hackers build ‘master key’ that unlocks millions of hotel room doors

While you might think that your hotel room is safe, a worrying study has revealed just how easy it is for hackers to open your room door.

In the study, researchers from F-Secure were able to develop a ‘master key’ that unlocks millions of hotel room doors in thousands of hotels around the world – including those run by well-known chains.

Tomi Tuominen, who worked on the study, said: “You can imagine what a malicious person could do with the power to enter any hotel room, with a master key created basically out of thin air.”

To create a master key, an attacker needs to get access to any electronic key at the target hotel – including those that aren’t currently active.

The hacker can then read the key and use a small hardware device to derive more keys to the hotel.

Within minutes the device is able to generate a master key to the facility – and worryingly, the hardware needed is available online for just a few hundred pounds.

In their study, the researchers were able to create a master key for the lock system made by the world’s largest lock manufacturer, Assa Abloy.

The team notified Assa Abloy of the flaw, and worked with the firm to fix the issue.

Mr Tuominen said: “Because of Assa Abloy’s diligence and willingness to address the problems identified by our research, the hospitality world is now a safer place. We urge any establishment using this software to apply the update as soon as possible.”

While the researchers are not publishing full details of how the attacks could be carried out, they’ve warned people to be wary about hotel rooms.

Mr Tuominen added: “My recommendation is that people should continue doing the things they hopefully are already doing.

“That means don’t leave any valuables in your hotel room and use the door chain when you’re in the room or going to bed. If you haven’t been doing these things already, now might be a good time to start.”

Source: Read Full Article