Symtrex Inc.

Cyber Security Specialist

Call - 866-431-8972 | Send an Email | Request a Quote
Visit Us On FacebookVisit Us On TwitterVisit Us On Linkedin

Profile

 [metaslider id=2951] … Read More

  • Home
  • Profile
    • Contact Us
    • Security News
    • White Papers
  • Services
    • Compliance Regulations
      • PCI DSS Suite of Products
      • HIPAA/Hitech
      • SOX – Sarbanes Oxley
      • DCID 6/3/NISPOM Chapter 8/JAFAN DoD
      • NERC/FERC
    • Industry Consulting and Implementation
      • Banking and Financial
      • Energy/Utilities
      • Healthcare
      • Retail/Hospitality
    • Security Assessment
  • Security Solutions
    • Sophos
    • Endpoint Security Solutions
      • Bitdefender Business Solutions
      • Sophos Endpoint Protection
    • Forensic Solution – Threat Hunter
    • Network Access Control
      • NetShield
        • NetShield
    • NGFW – UTM – Perimeter Security
      • Sophos Network Protection
    • Security Awareness Training
      • KnowBe4 – Security Awareness Training
      • Sophos Phish Threat
  • White Papers
    • Sophos Webinar Series
  • Security News
    • Blog
    • Sophos Webinar Series
  • Free Security Tools

Guest Wi-Fi Flaw Endangers Devices, Full Hotel Networks

2015/03/27 by admin

InfoSecurity – by Tara Seals US/North America News Reporter, Infosecurity Magazine

Guests at hundreds of hotels around the world are susceptible to hackers because of routers that many hotel chains depend on for their Wi-Fi networks.

Researchers have discovered an authentication vulnerability in the firmware of several models of InnGate routers made by ANTlabs, a Singapore firm whose products are installed in hotels in the US, Europe and elsewhere.

An exploit could cause extensive damage. It would allow an attacker to distribute malware to guests, monitor and record data sent over the network (like credit card information). Also, the perpetrator could possibly gain access to the hotel’s reservation and keycard systems.

“If you’ve ever used Wi-Fi in a hotel, you’re familiar with these types of devices as they are typically tied to a specific room number for billing purposes,” said Cylance researcher Brian Wallace, in an advisory.

There’s also danger for the hotel itself. He added, “In some cases, we observed InnGate devices that were integrated into Property Management Systems (PMS). In cases where an InnGate device stores credentials to the PMS, an attacker could potentially gain full access to the PMS itself.” This might be the reason why businesses like cafes and restaurants prefer signing up for specialized guest wifi services from providers like Hownd or the ones like them. They can set up access points that can create a separate guest WiFi network. It can provide a more curated WiFi experience for guests and enhance the security of the business network. The access points may also function as guest wifi marketing tools for the business by offering free Wi-Fi. Whenever a guest accesses the free wifi, the hotel can collect their email address and send them personalized offers to encourage them to return.

That said, Wallace also points out that the amount of information that can be compromised is rather breathtaking: PMS systems automate hotel functions like guest bookings, guest details, online reservations, point of sale, telephone, accounts receivable, sales and marketing, banquets, food and beverage costing, materials management, HR and payroll, maintenance management, quality management and other amenities. It can naturally be said that such an extensive system requires an immense amount of bandwidth, and so a wifi assessment may often be used to determine the layout of such a vast network connecting a plethora of devices across the hotel’s structure. With this in mind, the most crucial step becomes the security of this network as well as the systems/devices connected to it.

Hotel property management systems may interface with central reservation systems and revenue or yield management systems, front office, back office, point of sale, door-locking, housekeeping optimization, pay-TV, energy management, payment card authorization and channel management systems.

The news gets worse. While a vulnerability that allows for full file-system access that can easily lead to a complete compromise of the system would logically need an advanced exploit, this unfortunately is not the case.

In actuality, any *nix system which has the rsync command available is capable of exploiting this vulnerability in just a few keystrokes.

“Remote access is obtained through an unauthenticated rsync daemon running on TCP 873,” said Wallace. “Once the attacker has connected to the rsync daemon, they are then able to read and write to the file system of the Linux-based operating system without restriction.”

He added, “Once full file system access is obtained, the endpoint is at the mercy of the attacker.”

Cylance uncovered vulnerable devices in 29 countries including the United States, Cuba, Australia and Italy. ANTLabs said that it is releasing a patch, which should be applied immediately. Wallace said that the vulnerability can also be mitigated by blocking the unauthenticated RSYNC process from internet access, a simple inbound TCP-DENY on port 873 on the upstream network device from the affected InnGate device.

Filed Under: Security News

Let us help answer any questions you may have

requestmoreinformation.fw

Security News and Updates

  • Was my information part of a breach?
  • Phishing and stolen credentials
  • Ransomware is the Biggest Threat for Small to Medium Businesses

RSS SecurityWeek

  • Google Suspends Chinese Shopping App Amid Security Concerns
  • Verosint Launches Account Fraud Detection and Prevention Platform
  • Ransomware Gang Publishes Data Allegedly Stolen From Maritime Firm Royal Dirkzwager

Contact

  • Contact Us

Request More Info

  • Request Quote

Site Map

  • Site Map

© Copyright 2016 Symtrex Inc. ; All Rights Reserved · Privacy Statement