Heaptalk, Jakarta — Spentera, an Indonesian cybersecurity company, has revealed that six out of seven buildings in Jakarta equipped with radio frequency identification or RFID-based access cards are at risk of being duplicated or cloned.
Due to the convenience and efficiency in managing access, RFID is often used in buildings and facilities that prioritize privacy and security, including offices, data centers, server rooms, parking areas, and hotel rooms. However, in some cases, if access cards are successfully replicated, unauthorized individuals can exploit them to steal goods or data, install harmful software or hardware, and pose potential threats to individual security.
Hanny Haliwela, Director of Research and Development at Spentera, stated that safeguarding buildings from access card cloning threats is a collective responsibility that needs attention. “It’s not only the building management’s responsibility; ensuring security from access card duplication or cloning threats is also a shared responsibility of the leasing companies and the employees themselves,” Hanny said in a written statement.
Applying additional protection and encryption measures
According to Hanny, building managers can implement several methods to address security vulnerabilities in conventional RFID systems, including additional protection and encryption measures along with anti-cloning features. He added, “These actions are strategic steps to enhance security, ensuring that the physical access to infrastructure remains optimally protected.”
Additionally, the general public, primarily workers in buildings, also play a crucial role in preventing potential attacks by adhering to security procedures established by management and reporting any suspicious activities in the building environment. To understand the security of RFID systems implemented as one of the Security perimeters, Spentera offers comprehensive technology through Red Teaming approaches. Red Teaming is a comprehensive approach to testing the security of a system using various methods, including physical access testing using RFID.
In addition to the physical attack testing, Red Teaming is a comprehensive method covering various security aspects companies require, from physical attack testing to cyberattacks. With Spentera’s specialized Red Teaming service, companies can ensure that their systems are optimally protected from various threats, both physical and cyber. Additionally, this approach also includes cyberattack testing, including network penetration, application security, and simulation of resilience to phishing and social engineering attempts.
“With the Red Teaming approach, Spentera provides an opportunity to comprehensively test physical access involving RFID. This includes evaluating potential illegal access, direct inspections of critical and central facilities, and implementing strict environmental controls. Thus, companies not only get effective solutions to protect their assets from various types of physical and cyberattacks but also strengthen their trust and reputation in the eyes of the public,” Hanny concluded.
