A recent study by Dutch cybersecurity consultancy Modat has uncovered alarming vulnerabilities in over 49,000 Access Management Systems (AMS) globally.
These systems, designed to regulate entry into buildings and secure sensitive information, have been found to be misconfigured, leaving them exposed to potential cyberattacks.
The findings highlight a critical global issue affecting industries such as healthcare, education, construction, manufacturing, oil and gas, and government institutions.
AMS systems authenticate users through methods like passwords, biometrics, or multi-factor authentication and grant access based on predefined policies.
However, the study revealed that improper configurations have created two significant risks.
First, unauthorized individuals could gain physical access to restricted facilities.
Second, sensitive data stored within these systems such as employee names, identification numbers, biometric data, access credentials, and even work schedules could be exploited by attackers for phishing schemes, identity theft, and other forms of cyber fraud.
Global Scope of the Threat
The study identified the highest concentration of vulnerable AMS systems in Europe, the United States, the Middle East, and North Africa.
Italy topped the list with 16,678 affected systems, followed by Mexico (5,940) and Vietnam (5,035). India ranked 10th with approximately 1,070 cases. Surprisingly, Germany was not among the top 10 countries despite its advanced technological infrastructure.
The researchers emphasized that some of the most sensitive data at risk includes biometric information stored in modern AMS solutions.
This type of data is particularly valuable to cybercriminals due to its permanence and potential for misuse in identity-related crimes.
Lack of Manufacturer-Specific Details
While the report sheds light on the scale and severity of the issue, it does not specify which manufacturers’ AMS solutions are affected.
This omission leaves organizations across industries uncertain about whether their systems are secure or require immediate attention.
The findings serve as a wake-up call for businesses and institutions relying on AMS to secure their premises and data.
Experts recommend conducting thorough security audits and implementing robust configuration protocols to mitigate risks.
As cyber threats continue to evolve, ensuring proper AMS setup is no longer optional but essential for safeguarding both physical and digital assets.
