Network Links Weaken Computer Security Systems
A design flaw in computer-controlled security systems could make at least 40 of the world’s airports and scores of other sites vulnerable to intruders, The New York Times reported Sunday.
The system, built by Receptors Inc. of Torrance Calif., is used for making security badges and controlling access to sensitive areas.
Because the system relinquishes control of door-locking mechanisms to the computer that programs and monitors badges, all entry points of a seemingly secure building become vulnerable to anyone who gains access to the computer.
For that reason, the computer isn’t supposed to be linked to other computers through a network and shouldn’t be accessible through telephone lines.
The company has acknowledged a problem, discovered in December by MSB Associates, a San Mateo, Calif., computer security firm doing a routine audit for a financial services software company, the newspaper said.
But Dale Williams, Receptors’ chief operating officer, said the problem lay not with the equipment but the way it was installed in some locations.
Williams said the company’s security equipment was being used in 40 airports around the world. The newspaper agreed not to disclose the locations, though aviation officials have quietly notified airports in the United States and Britain, the Times said.
Other sites using the system include state prisons, county jails, military contractors, technology and drug companies and federal government buildings, including the CIA, the Times said.