This story has been another unfortunate illustration of Bluetooth security vulnerabilities and lock vendors who may lack the expertise in cybersecurity to secure your property properly when using digital keys. In this case, the attack strategy used is known as a relay attack.
How we prevent relay attacks
Relay attacks are well known. The only excuse we can understand for making it possible is “we didn’t know better”. Security experts should. We prevent relay attacks with the following process.
1. Every lock has its own digital certificate signed by the Teleporte Digital Signing Authority (DSA).
2. Every Teleporte Mobile App downloads the digital certificate and authenticates the lock’s digital certificate with the Teleporte DSA.
3. The mobile device only communicates with locks that are verified authentic through steps 1 and 2. Mobile devices use the lock’s public key to encrypt information, knowing the only endpoint capable of decryption is the lock itself.
4. We change the encryption for every new connection between the lock and the mobile device.
Step 4 is the key (no pun intended) to preventing a relay attack. A sniffer might capture and repeat the byte sequence that unlocked the lock moments ago, but the lock enforces new encryption for every connection, so repeated old data is useless in any later connection.
We like our competitive advantage in digital security. We’d like it even more if people could trust keyless access solutions in general.
Teleporte makes it easy to grant physical site access to almost anybody at almost any time. Our customers issue digital keys all day long. Contrast this to setting up a Teleporte physical access control network for the first time, or adding new locks. That’s something that only happens rarely.
We recognize that a secure system is one where the user rights are in line with the job requirements. That’s why we are introducing Access Manager with Teleporte 3.15. Access Manager is a new profile created for our customers. Like a Teleporte Admin, Access Manager has all the power to grant and revoke keys and deal with any issues that might arise on the network. Unlike a Teleporte Admin, Access Manager can’t modify the locks setup in the system, or modify users, or other setup activity.
Customers who outsource their NOC manager roles will really appreciate this new role. The contractors will be able to do their jobs effectively without risk that they do things that might cause harm.
All customers will be seamlessly updated to 3.15 in May 2022. Customers should email [email protected] if they would like advice on migrating some existing Teleporte Admin accounts to the new Access Manager profile. Anyone else should contact us to learn more about what Teleporte can do for you.
Sera4 is, first and foremost, an information security company. Earlier this year, we achieved ISO 27001 certification to demonstrate our commitment to cybersecurity. That project involved adapting all our company processes to match cyber-secure best practices. But we didn’t stop there.
We’ve also recognized the need for cyber-certified personnel to ensure we have the necessary expertise on staff. We’re proud to announce that we now have a Certified Ethical Hacker (CEH) on our team at Sera4.
What does CEH mean and do for our organization?
Ethical hackers (or white hats) focus heavily on the hacker’s perspective. In the cyber world, we have primarily those who hack people (called the red team) and those who defend and fortify against them (called the blue team). The blue team learns both the toolsets and the perspectives of hackers, and constantly applies blue team logic to red team activities. Ethical hackers are blue team. They spend time actively doing reconnaissance, learning about new ways to break into a system, and then putting up barriers to defend against them.
Ethical hacking certifications are another way that Sera4 continues to raise the bar on security and defence. Combined with penetration testing, this approach provides the best overall end-to-end security. We’re actively staying ahead of the pervasive threats that are becoming more common every day.
To learn more about CEH and understand why it should be a requirement for any connected service today, contact us.
We choose to do it because we believe this is the best way to ensure both the security of the platform and the best possible user experience. Not all keyless access control providers insource their app development or software engineering resources. We believe that the risks are too high to save money like that.
There are some things you can look at before downloading an app that can give you some clues to how well-designed and maintained it is.
How recent was the latest update? Operating systems constantly change and security threats evolve. Apps need to be constantly updated to keep pace. We suggest that an app that hasn’t been updated within the last 4 months has been suffering for lack of attention.
How many downloads does it have? This can give a good sense of how much real-world use this mobile app has seen. Apps with recent Release Dates or few downloads may still have some bugs to work out.
How big is it? Bigger downloads are often a result of the inclusion of cross-platform libraries, media or extra code. All this extra code can present added attack surface. Besides, who wants to run out of phone memory faster?
And, of course, take a look at the ratings and reviews in the app store, and decide for yourself.
If you’d like to learn more about how we design the app, our embedded code, our cloud servers for security from the ground up, contact us.
PS. Of course, we code our embedded firmware and cloud servers 100% in-house at Sera4 as well, and our apps are coded natively and independently for Android and for iOS.
A few days ago, the online world became aware of a security vulnerability in the Java log4j module, which is commonly used in web services around the world. Details about this security flaw can be found across the internet on sites like this.
At Sera4, we took action immediately with a complete security audit of our systems. This notice is meant to help our customers who are doing a security audit. We assure you that Teleporte and Sera4 remain secure and unaffected.
Sera4 does not natively use Java in our technology stack, which is the primary way services are compromised. We identified one internal tool which uses Java and log4j. However, that internal tool is not vulnerable (due to its log4j configuration), and a scan confirms that security is maintained.
To our customers, Sera4 confirms:
All of our applications and cloud environment have not been affected by this exploit.
We use one internal tool which relies on log4j; it was not affected by this exploit. The tool has since been upgraded to 2.17.0 to ensure that future configuration changes do not render the application vulnerable.
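For readers doing the audit this notice mentions, here is an added inventory check; it is not Sera4's tooling, and the constructed sample jars, their directory layout and the version strings in them are assumptions for the demo. It walks a directory tree, opens every .jar, reads the version that Maven-built log4j-core jars record in their pom.properties, and reports copies older than the 2.17.0 release named above:

```go
package main

import (
	"archive/zip"
	"fmt"
	"io"
	"io/fs"
	"os"
	"path/filepath"
	"strconv"
	"strings"
)

const minVersion = "2.17.0" // remediated release named in the notice above
const pomPath = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties" // where Maven-built log4j-core jars record their version

func olderThan(v, ref string) bool { // dotted numeric compare, so "2.9.1" < "2.17.0"
	a, b := strings.Split(v, "."), strings.Split(ref, ".")
	for i := 0; i < len(a) && i < len(b); i++ {
		x, _ := strconv.Atoi(a[i])
		y, _ := strconv.Atoi(b[i])
		if x != y {
			return x < y
		}
	}
	return false
}

// log4jCoreVersion returns the version recorded inside a log4j-core jar, or "" for any other jar.
func log4jCoreVersion(jar string) (string, error) {
	r, err := zip.OpenReader(jar)
	if err != nil {
		return "", err
	}
	defer r.Close()
	pom, err := r.Open(pomPath)
	if err != nil {
		return "", nil // no log4j-core pom.properties: some other jar
	}
	props, err := io.ReadAll(pom)
	for _, line := range strings.Split(string(props), "\n") {
		if v, ok := strings.CutPrefix(strings.TrimSpace(line), "version="); ok {
			return v, err
		}
	}
	return "", err
}

// ScanTree walks root, records the version inside every log4j-core jar and lists the outdated ones.
func ScanTree(root string) (found map[string]string, outdated []string, err error) {
	found = map[string]string{}
	err = filepath.WalkDir(root, func(p string, d fs.DirEntry, err error) error {
		if err != nil || d.IsDir() || !strings.HasSuffix(strings.ToLower(p), ".jar") {
			return err
		}
		v, err := log4jCoreVersion(p)
		if v != "" {
			found[p] = v
			if olderThan(v, minVersion) {
				outdated = append(outdated, p)
			}
		}
		return err
	})
	return found, outdated, err
}

func writeJar(path, entry, body string) error { // constructed single-entry jar, not a real log4j build
	f, err := os.Create(path)
	if err != nil {
		return err
	}
	zw := zip.NewWriter(f)
	w, _ := zw.Create(entry) // cannot fail for a fresh archive with a unique entry name
	fmt.Fprint(w, body)
	zw.Close()
	return f.Close()
}

// Demo scans a constructed tree (an outdated log4j-core, a remediated one, an unrelated jar) and
// returns (log4j-core jars found, how many of them are outdated, error).
func Demo() (int, int, error) {
	root, _ := os.MkdirTemp("", "log4j-audit") // if this fails, writeJar reports the error
	defer os.RemoveAll(root)
	for _, s := range [][3]string{
		{"log4j-core-2.14.1.jar", pomPath, "version=2.14.1\nartifactId=log4j-core\n"},
		{"log4j-core-2.17.0.jar", pomPath, "version=2.17.0\nartifactId=log4j-core\n"},
		{"other-lib.jar", "META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n"},
	} {
		if err := writeJar(filepath.Join(root, s[0]), s[1], s[2]); err != nil {
			return 0, 0, err
		}
	}
	found, outdated, err := ScanTree(root)
	return len(found), len(outdated), err
}

func main() {
	fmt.Println(Demo()) // 2 1 <nil>
}
```

Point ScanTree at an application's install directory instead of the constructed tree. It only sees jars whose pom.properties survived packaging: shaded or repackaged jars and nested jar-in-jar bundles (inside a WAR, for instance) need the outer archive unpacked first, and a version read from metadata is no substitute for reviewing the configuration that, per the notice, kept the internal tool safe.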
To anyone new to Sera4 and Teleporte, talk to us about how to get started with keyless access control that is as digitally secure as it is easy to use.
In 2021, your mobile device is likely the hardest-working item you own. If you left your house with only your mobile device in your pocket, would that stop you from having a productive day? Need to check your bank balance? Use the banking app. Buying a latte? Your mobile wallet can take care of that. Have to show your proof of vaccination? Your proof of insurance? Trade stocks? Turn up the heat in your house? Check to see who’s at your front door? You can do all that, from your phone.
We have placed so much trust in the devices we carry around in our pockets, and the cloud software that secures them. We often don’t think twice about adding a password to Apple Keychain, or storing the most personal details of our lives on our phones. But for some reason, many are reluctant to place that kind of trust in their mobile device when it comes to keyless access control.
Traditional keys are an anachronism in today’s digital world. They are an artifact from the past, yet we find some kind of comfort in having a metal key in our possession to protect what’s important to us. As long as we have “the key”, no one else does, and we derive a great amount of security from that knowledge.
In our homes, this might make sense. Most of us can say, with a high degree of confidence, that we know exactly how many keys to our front door exist, and who has them. However, most organizations are experiencing key sprawl, and they don’t even know how widespread it might be. It’s impossible to know how many times keys have been copied, who has them, who’s using them, and why. Organizations traditionally deal with a misplaced key by rekeying locks, at significant expense and inconvenience. It’s easier, people think, to give a key to anyone who needs it, and deal with the consequences of a key getting into the wrong hands, than it is to design an access control system with digital keys and identity management in mind from the beginning.
Organizations are sacrificing security for convenience every day, with both cyber/information assets, and critical infrastructure. While a lot of effort is put into creating the illusion of compliance protocols, not enough is being put into actually securing assets. We believe that it’s not enough to lock up an asset; organizations must understand who is accessing what, when, and why.
Access control is about more than securing assets; it’s also about implementing a defensible solution to assure regulatory compliance. Cloud-enabled access control solutions allow organizations to proactively improve operations, generate reliable audit trails, enforce safety protocols, control regulated materials, and defend litigation.
Before you issue another mechanical key, or rekey a set of locks after an asset has been compromised, stop and think about the real value of that piece of metal. We’re confident that it’s not as valuable as the security and insights to be gained from a robust keyless access control solution. To learn more about our cloud-enabled access control platform, Teleporte, and the supporting locks and controllers, visit us here or connect with us. We’d be happy to explore these ideas with you.
When we onboard a new customer, we set up a complete cloud environment for that customer. At Sera4, we can only access data about your locks, your operations and your users if you explicitly grant us access (sometimes you may choose to do that if you request specific training or support from us). This level of security around user data in the cloud is an industry best practice and is not unique to Sera4. We call each customer’s cloud environment an Organization.
What happens to the locks and controllers on a Teleporte network often gets overlooked by our customers. It is all orchestrated by Sera4 in the background. Each Sera4 lock has firmware that we’ve been developing in-house for years. This firmware includes all the security protocols to reliably and securely communicate with the Teleporte Mobile Application. It also contains a unique digital certificate that we call the Organization Control Code (OCC).
Each active lock and controller has an OCC. This OCC is the same for all locks in an organization. It filters all commands from the Teleporte Mobile Application, so that any requests or instructions that do not come from a matching Organization are ignored. This way no other Teleporte customer can interact with your locks in any way. Only you control your locks. When combined with Teleporte’s off-network architecture, we believe this is the most secure way to secure your assets.
By default, the OCC is set up to be Sera4. When locks and controllers get moved into a new organization, the OCC is automatically updated to reflect the ownership and control of the hardware. Thanks to the magic of Public Key Cryptography, virtual keys and commands from the Sera4 organization are subsequently ignored by the lock – the new organization is the ultimate master.
Most of our customers never know about the OCC. Sometimes our customers have to change the OCC on their locks. An example of when this happens is when one telecom network’s tower assets are sold to a tower company. It’s easy within our software to issue the command to update an OCC, but the command needs to come from the users in the right organization. This requires those users to visit each lock to change the OCC. Notably, this can sometimes be inconvenient – but it is required to keep your locks secure in the field. Teleporte doesn’t use any secret or master keys.
This month, we are introducing the option for OCC sharing – the ability for organizations to share their OCC with other organizations. We will be providing the option to customers to give their Sera4 Authorized Integrator access to manage their locks with a second OCC. This means that locks/controllers can be moved between two (or more) organizations without the complication of updating the OCC first. Changes to the OCC will occur on the next interaction with the lock and as always – command and control of your Sera4 locks happens seamlessly.
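The OCC behaviour described in this and the preceding paragraphs, as an added model that is not Sera4's firmware: the real OCC format is not public, so an Ed25519 key pair per organization stands in for it, and the command layout, the "transfer" and "share" actions, the organization names and the lock identifier are assumptions. The lock leaves the factory trusting only the Sera4 organization, a transfer makes it ignore the factory's commands, and sharing adds a second organization without removing the first:

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Org stands in for a Teleporte organization. Its Ed25519 key pair plays the part of the
// OCC here (an assumption: the real OCC format is not public).
type Org struct {
	Name string
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewOrg(name string) *Org {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Org{name, pub, priv}
}

// Command is what the mobile app carries to a lock: the target lock, an action, an optional
// argument, and the issuing organization's signature over all three (assumed layout).
type Command struct {
	LockID, Action string
	Arg            []byte
	OrgPub         ed25519.PublicKey
	Sig            []byte
}

func payload(lockID, action string, arg []byte) []byte {
	return append([]byte(lockID+"|"+action+"|"), arg...)
}

func (o *Org) Issue(lockID, action string, arg []byte) Command {
	return Command{lockID, action, arg, o.Pub, ed25519.Sign(o.priv, payload(lockID, action, arg))}
}

// Lock keeps the set of organizations it obeys, keyed by public key. Out of the factory it
// trusts the Sera4 organization and nothing else.
type Lock struct {
	ID   string
	occs map[string]bool
}

func NewLock(id string, factory *Org) *Lock {
	return &Lock{id, map[string]bool{string(factory.Pub): true}}
}

// Accept is the OCC filter: a command counts only if it names this lock, was issued by an
// organization currently in the OCC set, and carries a signature that verifies. The set
// lookup comes first, so an untrusted key is dropped before any signature work is done.
func (l *Lock) Accept(c Command) bool {
	return c.LockID == l.ID && l.occs[string(c.OrgPub)] &&
		ed25519.Verify(c.OrgPub, payload(c.LockID, c.Action, c.Arg), c.Sig)
}

// Apply executes the administrative actions: "transfer" replaces the OCC set with the new
// owner, "share" adds a second OCC. Both are ignored unless a trusted organization signed them.
func (l *Lock) Apply(c Command) bool {
	if !l.Accept(c) {
		return false
	}
	switch c.Action {
	case "transfer":
		l.occs = map[string]bool{string(c.Arg): true}
	case "share":
		l.occs[string(c.Arg)] = true
	}
	return true
}

// Outcome records which unlock commands the lock obeyed at each stage of the lifecycle.
type Outcome struct{ FactoryBefore, FactoryAfter, Owner, IntegratorBefore, IntegratorAfter, Stranger bool }

func Scenario() Outcome {
	sera4, owner := NewOrg("Sera4"), NewOrg("TowerCo")                    // constructed names
	integrator, stranger := NewOrg("Integrator"), NewOrg("OtherCustomer") // constructed names
	lock := NewLock("lock-0001", sera4)                                   // constructed identifier
	var o Outcome
	o.FactoryBefore = lock.Accept(sera4.Issue(lock.ID, "unlock", nil))
	lock.Apply(sera4.Issue(lock.ID, "transfer", owner.Pub)) // hardware moved into TowerCo's organization
	o.FactoryAfter = lock.Accept(sera4.Issue(lock.ID, "unlock", nil))
	o.Owner = lock.Accept(owner.Issue(lock.ID, "unlock", nil))
	o.IntegratorBefore = lock.Accept(integrator.Issue(lock.ID, "unlock", nil))
	lock.Apply(integrator.Issue(lock.ID, "share", integrator.Pub)) // ignored: the integrator is not trusted yet
	lock.Apply(owner.Issue(lock.ID, "share", integrator.Pub))      // OCC sharing, granted by the owner
	o.IntegratorAfter = lock.Accept(integrator.Issue(lock.ID, "unlock", nil))
	o.Stranger = lock.Accept(stranger.Issue(lock.ID, "unlock", nil))
	return o
}

func main() {
	fmt.Printf("%+v\n", Scenario())
}
```

Accept is the filter the text describes: a command from an organization outside the OCC set is dropped before anything else is looked at, and because the target lock is inside the signed payload, a command issued for one lock is not honoured by another. The model carries no freshness at all; that is the job of the per-connection session described under "How we prevent relay attacks" above, and a real device would need both.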
We encourage anyone buying a product or service to think critically about why it may be sold by subscription. In some cases, the subscription is tied to consumables. In other cases, the subscription is tied to access to content (like streaming services). Sometimes, it’s just a supplier who did the financial calculus and forces it for the shareholder returns.
In other cases, such as with our cloud-enabled access control software platform Teleporte, it’s tied to constant updates to keep up with phone models, security updates, and real-time support for your operational peace of mind. We continue to add value over the lifetime of the subscription, and our customers choose us over other solutions because of this added value.
We believe that our Teleporte subscriptions are valuable for the advanced features that are possible with keyless systems. We also believe that there is far more value for our customers in these systems than the price of the subscription. For customers who agree with this, they will continue with Teleporte Enterprise or Standard.
For customers who don’t see the value, or customers who simply have budgets cut (like many of our municipal customers did at the start of the pandemic), then we have Teleporte Basic. It’s free, and allows the locks to maintain basic keyless access functionality, but they otherwise behave like mechanical locks, with no reporting and no advanced features. It’s our way of providing assurance that we’re never going to hold you (or your property) hostage.
We sell new hardware with a minimum one-year Teleporte Enterprise or Standard subscription. We want our customers to have some time with a subscription package to experience the value to their application and organization, and then make an informed decision whether to renew. We also offer packages for customers who prefer to just pay once, up-front.
Selling a one-time purchase can be easy. Keeping loyal customers, who renew their subscriptions, requires a different level of service, reliability, and product quality. We want our customers to love, value, and renew their Teleporte subscriptions, and we do the work to keep them happy.
We see good reasons for some offerings to be structured as subscriptions. Ultimately, the decision on whether a subscription is a good value and a smart buy is up to the customer. In our view, it’s really important that the structure and costs of an offering is clearly explained in advance, so that the customer can make an informed decision.
We continue to see security threats affecting IoT devices. In this recent Ars Technica article, they share that a lot of these devices are exposed because they are built with old TCP/IP network stacks that use old security paradigms. That’s one of the risks in using open-source code. And the risks are really serious – opening back-doors in otherwise secure networks for all sorts of nefarious activity.
We want to remind people that such attacks aren’t possible on Teleporte-controlled locks.
No TCP/IP stack – we aren’t vulnerable to this specific attack because we don’t use the Internet Protocol
No open-source code – we have designed and implemented ALL embedded code in-house (Canada)
No connectivity to customer networks – there’s no way to open a back door into your network when our devices aren’t even on the network.
You can continue to rely on Teleporte’s security because, from the start, we’ve incorporated a security-first approach. While IoT risks in the world are some of the most serious and difficult ones, they don’t have to be if the systems are designed with security in mind.
Trust in us, as security is our #1 focus, and we’ll continue to deliver secure solutions to the market.
Last week, Silicon Valley-based Internet of Things (IoT) security and surveillance provider Verkada announced a major cyberattack, which allowed hackers to gain access to live feeds and archive video associated with 150,000 cloud-connected devices. Most organizations affected by the attack found out about it when their surveillance images—including footage from inside prisons, hospitals, and software providers—started circulating online. The attackers were able to gain access to the command-and-control systems of these cameras, which gave them unfettered access to cameras in organizations across the world.
Whenever there is a cyberattack of this nature, it leads people to question the security of cloud solutions. However, this shouldn’t cause general fear, uncertainty, or doubt around using systems that have a cloud architecture. A well-designed cloud system is perfectly secure.
While the details of the compromise are not yet available to the public, there are several hints as to the vulnerabilities of this specific hack, and some key actions enterprise IoT users can take to protect themselves against similar attacks.
“The attack targeted a Jenkins server used by our support team to perform bulk maintenance operations on customer cameras.”
The system was compromised by accessing a vulnerable support server. The fact that a support server has either direct access to the command-and-control of cameras themselves, or the fact that it could be used to penetrate another system with access, suggests vulnerabilities in the vendor’s overall design. Simply, their network infrastructure is not configured with a model of zero trust. Founded by former Forrester Vice-President and Principal Analyst John Kindervag, zero trust is a security framework that reduces the potential for data breaches by removing default trust/access to systems, even those within the firewall.
“…we have no evidence at this time that this access was used maliciously against our customers’ networks.”
If the IoT device is installed within a corporate network, it’s easy to set up the network so devices don’t have access to anything within the network. VLANs and Layer 2 switching make physical separation of networks easy, and can avoid security concerns. Most hacks are not due to the inherent security of the solution, but to the mistakes made in securing it.
Enterprise IoT customers can also ensure that any connected device coming into the organization is updated from default passcodes or admin passwords. In an interview regarding the Verkada breach with CCTVBuyersGuide, Asaf Hecht, Cyber Research Team Leader from CyberArk commented, “The potential for breaching common IoT devices, like security cameras, is something we’ve been talking about for years. Cameras, much like other hardware devices, are often manufactured with built-in or hard coded passwords that are rarely, if ever, changed by the customer.”
“While we can’t be sure that’s what happened in this case, recent breaches certainly have ‘scale’ in common, demonstrating attackers’ growing confidence and precision – and ability to efficiently extrapolate weaknesses for impact.”
Is Sera4’s Teleporte cloud solution for keyless access control safe? TL;DR YES!
Teleporte implements a network design that doesn’t have support servers connected to our private cloud. Teleporte implements its services in independently ISO 27001 managed data centers; there is no dependence on, or connectivity to, support servers in our office. The office is a place to work—not a place we depend on to run our products.
Teleporte, when implemented in the cloud instead of an enterprise network, means our customers don’t have to worry about compromised systems affecting Teleporte services—and neither do we. Internal enterprise systems, and even your employees, don’t have direct access to the Teleporte servers.
Finally, Teleporte locks and lock controllers don’t have IP addresses. They aren’t directly connected to the Internet, and as such can’t be opened en masse by an external hacker. Equally, they could never be taken over to compromise your enterprise network.
Cloud Security By Experts
Ultimately, there are many examples of products that operate effectively from the cloud. The best cloud products were built by experts who approach products and solutions with a security first mindset. The Sera4 team is comprised of network, mobile, and embedded experts, and a security first approach is in our DNA. Our solutions were purpose built to provide the most secure, scalable, and reliable keyless access control on the market. Book a demo of our Teleporte solution and you’ll find that the decision is easier to trust than the alternatives.