How Hackers Attack Physical Access Control Systems

Security Industry Association (SIA)

As physical access control system (PACS) technologies continue to advance, so do attackers. While card cloning can be effective, entry isn’t always gained with this method alone. Attackers are beginning to move beyond the card to the technology that supports it.

At ISC West on April 6 from 12:30-1:30 p.m., Valerie Thomas, Executive Security Consultant for Securicon, will discuss PACS components and their associated attacks, in addition how the vulnerabilities can surface, and what you can do to prevent them.

Register here for ISC West! Choose this and other education sessions at

Is there a lack of awareness about how PACS technologies can be hacked? And if so, why?

There is definitely a lack of awareness about the vulnerabilities in PACS technologies and implementations that could lead to an attack. The lack of awareness is largely due to the PACS not being appropriately managed in enterprise environments. The majority of PACS are the responsibility of the physical security division and installed by an electrical contractor. The cyber security team is rarely involved in the configuration and hardening of the system components, which create easy avenues of attack.

Do security manufacturers and installers effectively secure their own security equipment?

The majority of manufacturers do not effectively secure their own equipment. Many PACS components are running on outdated software with known exploitable vulnerabilities before they have been sold to a customer. In addition to outdated software, many vendors have default accounts with no or weak passwords that could award an attacker with the ability to control their entire system. Currently, I am not familiar with any installers that attempt to secure the PACS implementation during deployment.

Is there one current attack method that has surprised you? If so, why?

As a security researcher, I have not seen any surprising attack methods. I believe that many PACS owners are surprised to discover that their systems could potentially be used a pivoting point for an attacker to gain access into their organization’s network.

What’s the number one takeaway or message that attendees of this session will receive?

PACS-related attacks are here and not going away. My session will highlight the most common attack surfaces and how to identify indicators of potential compromise.

The views and opinions expressed in guest posts and/or profiles are those of the authors or sources and do not necessarily reflect the official policy or position of the Security Industry Association (SIA).