CyberSecurity Knuggets
Aug 21, 2024
I just heard about a major cybersecurity issue involving hardware backdoors found in Chinese key cards. A security researcher discovered secret hardware backdoors in RFID key cards manufactured by a major Chinese company, which can allow threat actors to clone affected smart cards within minutes and access secure areas. These backdoors impact smart cards manufactured by Chinese company Shanghai Fudan Microelectronics that were built using MIFARE Classic chips from NXP. The backdoor seems to go back as far as 2007, meaning that many access key cards distributed over the past 17 years can likely be cloned with physical access within seconds. This poses a serious security threat, especially in places like hotels, banks, government buildings, and factories.
In addition to this, there have been several high-profile security incidents, including a hack on the Google Workspace of cryptocurrency platform Unicoin, a hack on GPS tracker vendor Trackimo, and a ransomware attack on Promises2Kids, a non-profit involved in child fostering in South California. These incidents highlight the increasing sophistication and frequency of cyberattacks targeting various organizations and industries.
Furthermore, the US House Committee on CCP has asked the Commerce Department to investigate Chinese WiFi router maker TP-Link due to potential national security risks associated with the company’s routers. This comes after warnings from CISA and cybersecurity firms about Chinese state-sponsored hackers using botnets made of home routers to hide operations against US and Western targets.
Overall, these incidents underscore the urgent need for organizations to strengthen their cybersecurity measures and remain vigilant against evolving cyber threats. The presence of hardware backdoors in key cards and the increasing frequency of sophisticated cyberattacks highlight the critical importance of proactive cybersecurity measures to protect sensitive data and secure critical infrastructure.
Stay Well!