Security News > 2024 > March > Forget TikTok – Chinese spies want to steal IP by backdooring digital locks

In a letter to National Counterintelligence and Security Center director Michael Casey, US senator Ron Wyden urged the White House threat-intel arm to sound the alarm on commercial safes and locks.

Most commercially available safes include manufacturer reset codes for their locks to help consumers if they lose or forget the code they set.

"These backdoor codes can be exploited by foreign adversaries to steal sensitive information that US businesses store in safes, such as trade secrets and other intellectual property," Wyden warned.

This, he added, is especially risky when it comes to Chinese-made electronic safe locks - such as those manufactured by SECURAM Systems, a major seller of electronic safe locks sold in the US. "Although DoD has informed my office that the company's products are not approved for US government use, its low-cost products have enabled the firm to dominate the consumer-focused portion of the market," Wyden wrote, noting that SECURAM's website confirms its products include manufacturer reset codes.

"Consequently, SECURAM could be forced to share codes with the Chinese government that would enable surreptitious or clandestine access to the safes used by US businesses."

In light of this "Espionage threat posed by foreign spies," Wyden wants to see the NCSC update its educational materials with recommendations that businesses use locks that also meet US government security standards - and presumably without backdoor codes.

News URL

https://go.theregister.com/feed/www.theregister.com/2024/03/14/chinese_espionage_safe_locks/