Symtrex Inc.

Cyber Security Specialist

Call - 866-431-8972 | Send an Email | Request a Quote
Visit Us On FacebookVisit Us On TwitterVisit Us On Linkedin
  • Home
  • Profile
    • Contact Us
    • Security News
    • White Papers
  • Services
    • Compliance Regulations
      • PCI DSS Suite of Products
      • HIPAA/Hitech
      • SOX – Sarbanes Oxley
      • DCID 6/3/NISPOM Chapter 8/JAFAN DoD
      • NERC/FERC
    • Industry Consulting and Implementation
      • Banking and Financial
      • Energy/Utilities
      • Healthcare
      • Retail/Hospitality
    • Security Assessment
  • Security Solutions
    • Sophos
    • Endpoint Security Solutions
      • Bitdefender Business Solutions
      • Sophos Endpoint Protection
    • Forensic Solution – Threat Hunter
    • Network Access Control
      • NetShield
        • NetShield
    • NGFW – UTM – Perimeter Security
      • Sophos Network Protection
    • Security Awareness Training
      • KnowBe4 – Security Awareness Training
      • Sophos Phish Threat
  • White Papers
    • Sophos Webinar Series
  • Security News
    • Blog
    • Sophos Webinar Series
  • Free Security Tools

Guest Wi-Fi Flaw Endangers Devices, Full Hotel Networks

2015/03/27 by admin

InfoSecurity – by Tara Seals US/North America News Reporter, Infosecurity Magazine

Guests at hundreds of hotels around the world are susceptible to hackers because of routers that many hotel chains depend on for their Wi-Fi networks.

Researchers have discovered an authentication vulnerability in the firmware of several models of InnGate routers made by ANTlabs, a Singapore firm whose products are installed in hotels in the US, Europe and elsewhere.

An exploit could cause extensive damage. It would allow an attacker to distribute malware to guests, monitor and record data sent over the network (like credit card information). Also, the perpetrator could possibly gain access to the hotel’s reservation and keycard systems.

“If you’ve ever used Wi-Fi in a hotel, you’re familiar with these types of devices as they are typically tied to a specific room number for billing purposes,” said Cylance researcher Brian Wallace, in an advisory.

There’s also danger for the hotel itself. He added, “In some cases, we observed InnGate devices that were integrated into Property Management Systems (PMS). In cases where an InnGate device stores credentials to the PMS, an attacker could potentially gain full access to the PMS itself.”

As Wallace points out, the amount of information that can be compromised is rather breathtaking: PMS systems automate hotel functions like guest bookings, guest details, online reservations, point of sale, telephone, accounts receivable, sales and marketing, banquets, food and beverage costing, materials management, HR and payroll, maintenance management, quality management and other amenities.

Hotel property management systems may interface with central reservation systems and revenue or yield management systems, front office, back office, point of sale, door-locking, housekeeping optimization, pay-TV, energy management, payment card authorization and channel management systems.

The news gets worse. While a vulnerability that allows for full file-system access that can easily lead to a complete compromise of the system would logically need an advanced exploit, this unfortunately is not the case.

In actuality, any *nix system which has the rsync command available is capable of exploiting this vulnerability in just a few keystrokes.

“Remote access is obtained through an unauthenticated rsync daemon running on TCP 873,” said Wallace. “Once the attacker has connected to the rsync daemon, they are then able to read and write to the file system of the Linux-based operating system without restriction.”

He added, “Once full file system access is obtained, the endpoint is at the mercy of the attacker.”

Cylance uncovered vulnerable devices in 29 countries including the United States, Cuba, Australia and Italy. ANTLabs said that it is releasing a patch, which should be applied immediately. Wallace said that the vulnerability can also be mitigated by blocking the unauthenticated RSYNC process from internet access, a simple inbound TCP-DENY on port 873 on the upstream network device from the affected InnGate device.

Filed Under: Security News

Let us help answer any questions you may have

requestmoreinformation.fw

Security News and Updates

  • Was my information part of a breach?
  • Phishing and stolen credentials
  • Ransomware is the Biggest Threat for Small to Medium Businesses

RSS SecurityWeek

  • Twitter to Pay $150M Penalty Over Privacy of Users' Data
  • OT Remote Access Firm Xona Raises $7.2 Million in Series A Funding
  • Alleged Cybercrime Ringleader Arrested in Nigeria

Contact

  • Contact Us

Request More Info

  • Request Quote

Site Map

  • Site Map

© Copyright 2016 Symtrex Inc. ; All Rights Reserved · Privacy Statement