Physical Penetration Test Examples: RFID Cloner

The second common method to break into a facility involves an RFID cloner. For a relatively low cost (under $1,000), an attacker can purchase the parts and assemble a Radio Frequency Identification (RFID) cloner. This cloner, pictured below, can be concealed in a laptop bag, and the attacker will walk around the public areas (lobby, outside the entrance, nearby coffee shop) carrying it. When the attacker gets close enough to an employee’s badge (approximately 24″), the cloner will scan and save the employee’s badge. At that point the attacker can clone that badge to another one and badge into your offices like any other employee.

An RFID Cloner can be concealed in a laptop bag, and be used to steal employee badges as they walk by.

How to protect against RFID Cloning

The best way to protect against RFID cloning is to utilize multi-factor authentication. Multi-factor authentication is a combination of at least two of the following:

  1. Something you know (in most cases this is a password, but for physical protection this can be a PIN that the employee has to type in).

  2. Something you have (this would be their RFID badge).

  3. Something you are (like a fingerprint scanner).

This protects against RFID cloning because, even if an attacker has access to the badge, they won’t know the PIN or won’t have the fingerprint. As a final thought, ensure that someone is alerted when an incorrect PIN is entered multiple times.
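One way to implement the incorrect-PIN alert described above, as an added example that is not part of the original article. The log format, field names, threshold and time window are assumptions; adapt them to what your door controller actually records.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events in a hypothetical door-controller log format.
SAMPLE_LOG = """\
2024-05-01T08:58:02 door=LOBBY-1 badge=10482 result=GRANTED
2024-05-01T09:14:10 door=LOBBY-1 badge=20977 result=PIN_FAIL
2024-05-01T09:14:31 door=LOBBY-1 badge=20977 result=GRANTED
2024-05-01T19:41:05 door=SIDE-2 badge=10482 result=PIN_FAIL
2024-05-01T19:41:22 door=SIDE-2 badge=10482 result=PIN_FAIL
2024-05-01T19:41:40 door=SIDE-2 badge=10482 result=PIN_FAIL
2024-05-01T19:42:03 door=SIDE-2 badge=10482 result=PIN_FAIL
"""

THRESHOLD = 3                  # assumed policy: failures that trigger an alert
WINDOW = timedelta(minutes=5)  # assumed policy: sliding window per badge


def pin_failure_alerts(log_text, threshold=THRESHOLD, window=WINDOW):
    """Return one alert per burst of repeated PIN failures on the same badge."""
    recent = defaultdict(deque)  # badge -> timestamps of recent PIN failures
    alerted = set()              # badges already alerted for the current burst
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        stamp, *pairs = line.split()
        f = dict(p.split("=", 1) for p in pairs)
        when = datetime.fromisoformat(stamp)
        badge = f["badge"]
        if f["result"] == "GRANTED":
            # Correct PIN followed: most likely the holder's typo, so reset.
            recent[badge].clear()
            alerted.discard(badge)
        elif f["result"] == "PIN_FAIL":
            q = recent[badge]
            q.append(when)
            while when - q[0] > window:  # drop failures older than the window
                q.popleft()
            if len(q) < threshold:
                alerted.discard(badge)   # earlier burst aged out, re-arm
            elif badge not in alerted:
                alerted.add(badge)
                alerts.append({"badge": badge, "door": f["door"],
                               "time": when.isoformat(), "failures": len(q)})
    return alerts


if __name__ == "__main__":
    for alert in pin_failure_alerts(SAMPLE_LOG):
        print("ALERT: repeated incorrect PIN", alert)
```

A single mistyped PIN followed by a successful entry stays quiet, while a valid badge presented with several wrong PINs in a row raises one alert for security staff to follow up on.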