Jan 2019 AST Magazine Jan 2019 AST Magazine

www.AmericanSecurityToday.com January 2019 - Edition 31 www.AmericanSecurityT of the shadow control devices are typically proprietary and tem into reporting the status their short over-the-air time makes demodu- device instead. lation via commercial radio sniffing devices Properly designed equipment will limit access extremely difficult. to whitelisted equipment via unique identi- As the encryption is virtually unbreakable, fiers embedded into the physical hardware would-be attackers would likely try other components during manufacturing. disruptive approaches: Another, albeit difficult variation on this attack, Replay attack is cloning a device to use the same identifier. This attack involves recording and replaying In this case, two simultaneous radio broadcasts encrypted radio traffic that is not understood using the same identifier would result in RF in- in an attempt to confuse or break the system. terference alarms being generated. This attack can be thwarted by including se- Doing More with Less quence checking in the underlying protocol. Device swapping or cloning Security professionals, by trade, should be cautious when using new technology to secure sites. Device swapping consists of someone at- tempting to use similar equipment running At the same time, new technology is a driv- on the same radio channel to trick the sys- ing force behind better security and en- 8

Jan 2019 AST Magazine Jan 2019 AST Magazine | Page 10