Osyter hack details released

Researchers have released information on an Oyster card security vulnerability that could leave the London Underground open to abuse by hackers.

Osyter hack details released

The researchers from Radboud University in Holland announced in June that they had altered the information stored on a MIFARE RFID chip, the basis of the Oyster card system, giving them a day’s free travel on the London Underground.

The chip, made by NXP, is also used in a variety of office security systems, which could also be vulnerable. Over half a billion of the RFID chips have been sold worldwide.

“Once we knew how the system worked and what the vulnerabilities were, it turned out to be very simple to actually clone cards, steal someone’s identity and enter a building as someone else”, said Professor Bart Jacobs, one of the research team, speaking to the BBC about an experiment with an office security system.

The researchers announced their intention to reveal the technical details behind the hack, but were delayed by a court injunction from NXP attempting to stop the release of the details.

The company has now admitted that it does not recommend the ageing MIFARE classic chip for use in new installations, and is working with existing customers to review their security infrastructure.

The paper was given yesterday at the European Symposium on Research in Computer Security in Spain, although the exact source code used by the group will not be publicly revealed.

“The illegal cloning of cards is complex, risks physical detection and is of limited value as we’ll block any fraudulent card within 24 hours,” says a Transport for London spokesperson.

“Ticketing fraud is a criminal offence and TfL will prosecute wherever possible. There is CCTV across the Tube, bus and DLR networks and our staff and the Police will remain vigilant.”

Leave a Reply

Your email address will not be published. Required fields are marked *

Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.