An MIT’s Technology Review article (RFID’s Security Problem, January/February 2009) earlier this year raises a point that has been discussed by many senior executives in the industry. Despite all of the hype and publicity, just how secure is the RFID technology that is supposed to be safeguarding, cargo being transported through our ports and cities?
”While new (RFID) technology seems likely to” “become a fiasco if officials don’t pay attention to the work of hackers and security researchers. These people try to expose weaknesses before they can be exploited maliciously. It’s much less painful to swallow the news from them than to wait until a problem becomes embarrassing — or devastating.”
In a paper co-authored with staff at the University of Washington and internet security firm RSA, the team detailed how the RFID chips can be cloned from distances of up to 50 metres. They also found that a key anti-cloning technique recommended by the Department of Homeland Security (DHS) had not been used on the tags.
Hackers can use an ordinary laptop computer to clone information on RFID tags and even “smart cards” and reprogram them.
The problem is a serious one, the conclusion that a single RFID based one approach is the sole solution is, in almost every case, flawed. The solution must involve a new set of technologies with enhanced, well thought out security protocols.