An engineer at Google discovered a major vulnerability that would allow a hacker to gain access to restricted areas at the company's offices in Sunnyvale, California. David Tomaschik told Forbes that he noticed that the encrypted messages that were being used to control the physical security system of the building were not random, which was a major red flag.
He explained that if a message is encrypted properly, it should appear to be completely random. He decided to dig deeper into the system, which was designed by Software House, an outside company that specializes in office security and discovered that a “hardcoded” encryption key was being shared by all the devices on the network.
He was able to make a copy of the key and use it to send commands to devices on the network. Tomaschik even managed to figure out how to mask his location and identity. Once he had access to the system, he was able to open up any door he wanted and even lock doors to keep employees out.
When Google was alerted to the security breach, they reached out to Software House who fixed the issue. While Google implemented safeguards to keep hackers out, the physical hardware will need to be replaced before the issue can be permanently fixed.
Photo: Getty Images