Davis measures minimal changes in the power consumption of Swiss devices through side channels
Last year, IOActive researcher Mike Davis discovered a vulnerability in locks supplied by the Swiss company DormaKaba Holding. It creates a high security risk that electronic locks on ATMs, in government organizations, on pharmacy display cases and elsewhere can be cracked by measuring their power consumption.
Davis carried out an experiment in which he attacked the Swiss devices through side channels, measuring the minimal changes in electricity consumption with a $5k oscilloscope. The experiment was equipped with a built-in battery, so it can work even when disconnected from electricity. Davis explained the experiment: “Most of the devices do not hide the energy behind power surges. They use what they need to do for their work.”
“I can load an analog signal and convert power signals to units and zeros. I know what’s going on inside the castle,” the researcher said.
Some DormaKaba models of the X-10 series are used by the US military, on presidential jets, and in government organizations. According to Davis, these are vulnerable to side-channel attacks: they can be cracked using the principle described above. Davis also discusses his findings at the Def Con USA 2019 conference.
Eric Elkins, president of Kaba Mas, the DormaKaba subsidiary that manufactures the X-10, did not say a single word about the issue the researcher found. He noted, however, that it could endanger classified information if the attack works.
“It would be right to turn to the government, and not to a handful of amateur hackers, or whatever you like to call them,” Elkins added.
The researcher notified DormaKaba of the finding. The company has now hired a specialist to study the issue:
“As the results of the investigation showed, our current line of secure locks in a real environment works as expected,” DormaKaba said.