Netflix series shows hacking of Ajax keyboard, company says it’s impossible

The Netflix streaming service in one of the episodes of the Berlin series showed a security system being hacked through an Ajax keypad. The company reassured and explained why you shouldn’t trust what you see in the movies.

Ajax noted that hacking is usually performed in three stages: searching for a keypad, gaining physical access or intercepting a radio signal, and hacking the system through third-party software.

Search for the keyboard

This stage seems very simple in the movies – the criminals immediately know where all the devices they need are located. They also easily distinguish between wired and wireless devices, although in reality it is not easy.

To determine the exact location of a wired keyboard, a criminal must use a powerful multiscanner to find the right cable in the wall. But it doesn’t identify which cable is found. In addition, a multiscanner is useless in a room with thick walls.

If it’s a wireless keyboard, a multiscanner won’t help. Criminals can scan the radio signal to determine the location of the wireless device. However, TDMA technology allows for a short period of time for data exchange between the device and the hub. The rest of the time, their communication modules are inactive.

“To an intruder, it may take dozens of minutes to pinpoint the signal’s source. And even then, there’s no guarantee that the detected signal source belongs to the intended device,” Ajax explained.

However, to catch the radio signal, criminals use a code grabber. This is a special device for intercepting the signal transmitted when arming or disarming the system.

“But still, it is impossible to hack an Ajax device in this way due to the signal encryption and a proprietary communication protocol,” the company added.

Physical access

To attack a security system, criminals try to gain access to the device quickly and quietly. Ajax listed what is wrong with this stage in reality.

As a rule, keypads are installed at the entrance to the premises. Usually, these are load-bearing walls made of brick, concrete, or reinforced concrete with a thickness of 25-50 cm. It is impossible to drill through such a wall quickly and quietly. Attempts to do so may not only attract the attention of neighbors, but also damage the device itself.

“The Fibra line of the wired keypad runs through the cable channel in the SmartBracket mounting panel. Channels have a curved construction, and the cable is fixed with ties. That is why, if intruders drill SmartBracket, they would probably cut off all the wires,” Ajax noted.

In addition to damaging the device, users and the Central Monitoring Station (CMS) will be notified of an intrusion attempt.

If a criminal tries to damage the security system using electrical sabotage (e.g., a stun gun), LineProtect Fibra will absorb the shock. All devices between LineProtect and the hub will continue to operate.

Sometimes in movies, criminals tear the keyboard off the wall and break it, which leads to a security failure. But the keypad is only a part of the system, so its damage doesn’t make much sense in terms of threatening the security of the system as a whole.

“In addition, the Ajax keypads have a tamper that notifies users and the CMS in case of opening the device enclosure, removing the device from the mounting panel, or detaching it from the surface,” the company emphasized.

Hacking

Ajax still managed to simulate a situation where a criminal connected to the keypad and went unnoticed by the system. The company says that this is only possible with Fibra. However, there are many nuances in this situation as well. For example, Fibra has four wires (two signal and two power), so connecting to a single wire, as shown in movies or TV shows, makes no sense.

Fibra uses floating-key encryption to protect data. Hacking and accessing data requires the capabilities of a supercomputer, so it’s a futile exercise.

“However, even encrypted data still needs to be reached. Each communication session between a hub and a device begins with authentication: unique markers and properties are compared. If at least one parameter fails the verification, a hub ignores the device commands. Therefore, there is no point in tampering or intercepting data,” the company also explained.

The keyboard does not store user codes, making it impossible to guess them. It is also impossible to guess the code using a brute force attack. Finally, it is impossible to hack the system undetected. Any disarming of the system is recorded, and users and the CMS are notified. No one can delete notifications from the hub notification feed.

With this in mind, the company reminded us that events in movies, TV shows, or advertising are subject to the laws of drama. Therefore, they advised to be more skeptical about what they see.