Billy Rios, director of threat intelligence at Qualys, a large security tech firm, said that he discovered some flaws in the security machines used in airports. Hackers can spoof the machines and reverse the settings, causing them to react wrongly to screened weapons.
Rios bought two devices on eBay. One is a time-clock system that costs around $200 and is used to track the work of TSA employees. The other is the Itemiser, an $800 detection system for narcotics and explosives.
The time-tracking system, manufactured by Kronos, had two backdoors: hard-coded usernames and passwords that a hacker can use to gain access to the system. Rios discovered that around 6,000 of these devices are connected to the Internet.
It's quite understandable for manufacturers to use a backdoor. Through it, technicians are able to get in and perform maintenance procedures. However, it has also become taboo among security watchers because hackers can use it to gain unlawful entry.
Rios said that the system suffers from a security weakness and can be decoded. This would allow a hacker to log in, which could lead to disastrous consequences.
"It's a really, really bad problem," said Rios. "For some reason there's a paradigm in the embedded world where they want to do these technician passwords."
The other device, known as the Morpho Itemiser, is designed to detect traces of drugs and explosives. Its weakness lies in the fact that the machine can be reverse-engineered. However, the one Rios used during the presentation was the Itemiser 3, a piece of equipment the TSA does not use in its operations.
"If you're a super user you can do whatever you want," said Rios.
He explained that one thing a hacker would do is to remove one or perhaps even two items from the list. These removed substances could then pass through security.
A representative of the device's manufacturer attended Rios' presentation to defend the product. According to his statement, the company is scheduled to release an upgrade towards the end of the year to resolve the product's vulnerability issues. "Morpho Detection takes the security of its products and its customers very seriously."
Rios also found that a lot of the information is available in the open. The Transportation Security Authority (TSA) has a 153-page document, the web-based Checkpoint Design Guide, that informs the public how an airport security screen is properly set up. It even includes pictures of the equipment, diagrams of the layout, and other details that hackers can use.
"It has excruciating details, pushed out from a central authority," said Rios. "Even the bins have to be done in a certain way."