An astounding number of medium-to-gigantic businesses, including some college campuses, use RFID—radio-frequency identification—fobs or badges as a “secure” way of getting around. Only people with fobs, the people who are supposed to access certain areas, should be able to do so. However, a team of hackers recently compromised a rural power company’s facility in several ways, including their RFID entries.
The RFID’s ease of use is one of the main reasons it’s such a popular option, with many companies touting it as part of their security processes, with some going as far as investing in picture identification cards as well. A typical installation of a single-door lock 7 reader costs between $1,500 and $3,000 depending on its features. The price varies depending on location, but these estimates are valid for Northeast Arkansas and similar areas.
As a recent Tech Insider article reveals, for around $700 hackers could acquire the tools, through Amazon or eBay, to break in to your facility. Less than a grand will land the parts needed to build a tool that can read RFID cards from a distance up to three feet. This means that someone could easily use the tool around one of your employees entering a restricted access area—in the article, posing as college students on a tour—and gain all the access information needed to clone the RFID card.
Here’s the good news: the security breach in the article was a test, and their study found the biggest errors to be the result of humans and not computers. With basic encryption, you can protect your RFID system; your employees using weak passwords and writing them on sticky notes would be your biggest worry. You can currently buy an RFID-blocking sleeve for your badges on Amazon for about $13. Stressing the importance of password security to your employees could be invaluable.