Welcome to my new blog series, "From Trash to Treachery: How Intruders Turn Everyday Items into Physical Breaching Tools." In this series, we will explore how common items found in everyday life can be used by intruders to bypass physical security measures. We'll take a closer look at how these items can be turned into tools for nefarious purposes, allowing unauthorized access to sensitive areas.
Intruders have always found new and innovative ways to get past security measures, whether it's breaking a window or picking a lock. However, what if I told you that intruders could use everyday items to bypass sophisticated security systems?
REX sensors, also known as request-to-exit sensors, are commonly used in commercial buildings to detect when someone wants to leave a secure area. They are usually installed near doors and consist of a motion sensor and a magnetic lock. When someone approaches the door, the sensor detects their movement and deactivates the magnet, allowing the door to open freely. While this is helpful to stay compliant with most modern building, fire, and ADA codes, there is a cost.
A REX sensor typically operates on a principle called passive infrared (PIR) detection. This means that the sensor detects the infrared energy emitted by objects in its field of view and reacts to changes in that energy. However, these sensors are not looking for body heat, only changes to the ambient temperature. This is the vulnerability we are looking to exploit.
We have two options to change the ambient temperature: hot or cold. An intruder will not want to bring unwanted attention by tripping a fire alarm, so cold is going to be the way to go(for now). Enter our bypassing tool: keyboard cleaner. If you have ever used keyboard cleaner, you probably know that once shaken or inverted, it sends an icy blast capable of freezing objects. We will use that to our advantage.
If we can see even a sliver of light through the gap in the double doors, we can insert the included straw and spray a burst of icy keyboard cleaner right under the sensor. The REX sensor sees our blast and says, "Oh, change in ambient temperature, must be someone wanting to exit." It then cuts power to the magnetic lock, and we simply pull the door open.
Keyboard cleaner may not be found in every dumpster and would require some planning ahead. However, it is common to find cardboard, magazines, or even old promotional material in a commercial dumpster. Another attack that can be implemented is to warm up a semi-rigid piece of material under your armpit. Once you have obtained your material, place it under your armpit to warm it to levels close to body temperature. Once it is ready, simply stick it through the gap and wave it under the REX sensor. If everything goes correctly, you should be able to trip the sensor in the same way.
Now, how do we protect our perimeter from threat actors, or even just meddling teens?
Option 1: Protect the gap.
Weather stripping is not a security device. Install aftermarket metal plates on the outside of the door that abutabut against each other. Another option here is to install a vertical post on the inside. Many doors come with this as an option at installation, but get removed the first time a large delivery comes. If you have it, use it!
Option 2: Adjust or relocate your existing sensor.
If your sensor can be tuned, reduce the sensitivity or focal distance. Typically, there will be a long approach to the door on the inside. If you can aim for five to ten feet away, make that the spot. You can also relocate your current sensor to a position that is not directly above the door.
Option 3: Upgrade.
Newer models of REX sensor use both microwaves and PIR in conjunction. A microwave sensor emits microwaves and detects changes in the frequency of the reflected waves caused by moving objects. This results in fewer false positives and eliminates the use of our keyboard cleaner trick.
In conclusion, it's crucial to be aware of the various ways intruders can bypass physical security measures using everyday items. The most important thing you can do to protect your perimeter is to think like an attacker. Pretend you lost your keys and look around your perimeter. What easy bypasses are available, how can you exploit them, and in turn fix them. There is a bevy of youtube and social media content on physical bypasses. Take some time to understand what is out there. By understanding these tactics and implementing appropriate countermeasures, we can better protect our sensitive areas from unauthorized access.
Stay tuned for more articles in this series!