Unpickable But Still Unlockable: Lock Bypass Tricks in the Field

Presented at A New HOPE (2022), July 23, 2022, 1 p.m. (50 minutes)

Physical red teams rely heavily on nondestructive bypasses when doing vulnerability assessments: under-the-door tools, latch-based attacks, climbing through vents and around walls and fences. But how well do these techniques actually work in the field - when time is of the essence and it's not a controlled training environment? This talk will focus on a plethora of real-life successes, failures, and lessons learned for how to make these techniques work in practice. Karen and Bill have talked extensively about the mechanics of lock bypass in the past - most notably at the Bypass 101 sessions Karen gives with the Physical Security (formerly Lock Bypass) Village. They will recap the fundamentals of each technique here too - but now you'll get to learn from their years of experience in what actually works.


Presenters:

  • Karen Ng
    **Karen Ng** (**@hwenab**) is a risk analyst at GGR Security, and is a member of GGR's entry team for physical penetration tests. She has a strong interest in physical security, delivering trainings on physical security vulnerabilities to a wide range of audiences. Karen comes from a background in engineering and has extensive experience in major event logistics. She is one of the village leads at the Physical Security (formerly Lock Bypass) Village, and works with the rest of the LBV team to teach the community how to recognize and fix security exploits. Graphic design is her passion.
  • Bill Graydon
    **Bill Graydon** (**@access_ctrl**) is a principal researcher at GGR Security, where he hacks everything from locks and alarms to critical infrastructure. This has given him some very fine-tuned skills for breaking stuff. He's passionate about advancing the security field through research, teaching numerous courses, giving talks, and running the Physical Security (formerly Lock Bypass) Village at various cons. He's received various degrees in computer engineering, security, and forensics and comes from a broad background of work experience in physical and cyber security, anti-money laundering, and infectious disease detection.
