Trade Group Attacks RFID Virus Claims - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

10:31 AM

Trade Group Attacks RFID Virus Claims

Researchers claim to have discovered a way to infect an RFID chip with a virus, but in fact they just built a poorly designed system, said an RFID trade association.

LONDON — The trade association for automatic identification and mobility, AIM Global, attempted to refute key findings of an IEEE conference paper presented this week that suggested RFID tags could be used to corrupt databases and even spread computer viruses.

The paper, by Melanie Rieback, a third-year PhD student at Amsterdam's Vrije University, was presented at the IEEE conference in Pisa, Italy, on Wednesday (March 15), sent shock waves through the RFID industry.

Titled "Is Your Cat Infected with a Computer Virus?" the paper suggested computer viruses could spread from RFID tags through readers into poorly written middleware applications and backend systems and databases.

"Many of the basic assumptions in the paper overlook a number of fundamental design features necessary in automatic data collection systems and good database design," asserted AIM Global President Dan Mullen.

Mullen suggested that researchers built a system with a weakness and then proceeded to show how the weakness could be exploited. "Not surprisingly, poor system design, whether capturing RFID tag information, bar code information or keyboard-entered data, will create vulnerabilities."

The association said it recognizes the efforts of university researchers is designed to highlight RFID security issues. "But the methodology of this particular research is questionable,” added Mullen.

Responding to the paper, RFID experts and International Organization for Standardization scientists, meeting this week in Kyoto, Japan, to debate RFID standards, emphasized that fixed data RFID tags, such as those used to identify pets, cannot be changed and therefore are immune to infection by a virus.

They skirted the issue of whether other types of tags, such as those where data can be changed, are prone to attacks. The experts did note that specific attributes in RFID systems can protect the overall system.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
1 of 2
Comment  | 
Print  | 
More Insights
2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
How to Create a Successful AI Program
Jessica Davis, Senior Editor, Enterprise Apps,  10/14/2020
Think Like a Chief Innovation Officer and Get Work Done
Joao-Pierre S. Ruth, Senior Writer,  10/13/2020
10 Trends Accelerating Edge Computing
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/8/2020
Register for InformationWeek Newsletters
Current Issue
[Special Report] Edge Computing: An IT Platform for the New Enterprise
Edge computing is poised to make a major splash within the next generation of corporate IT architectures. Here's what you need to know!
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll