Tag Archives: Information Security

by | April 9, 2015 · 9:37 am

Hospitality Industry Technology Update: “Security Flaw In Hotel Wi-Fi Routers Could Put Devices At Risk”

“This is the second time in recent months that security researchers have warned of hotel Wi-Fi networks being a potential vectorWireless data security of attack for cybercriminals, providing a not-so-subtle reminder that individuals must be ever-vigilant regarding the security of their devices and access points.”

Cylance, a security vendor, says that its security researchers at the Sophisticated Penetration Exploitation and Research team (SPEAR) have uncovered a flaw in the InnGate Wi-Fi router commonly used by many hotels that could be placing the devices of guests at risk. According to Wired, the Cylance team reports, the vulnerability could threaten not just guests, but could also spread to the hotels themselves if hackers are able to compromise the router to allow them to access other parts of the hotel network. Cylance says this could potentially impact reservations and billing.

The vulnerability, dubbed CVE-2015-0932 gives an attacker full read and write access to the file system of an ANTLabs’ InnGate device, Cylance reports.  Cyber thieves gain remote access through an unauthenticated rsync daemon running on TCP 873, which then allows them to read and write unrestricted to the file system of the Linux based operating system.

For more: http://bit.ly/1yYJZK7

Comments Off on Hospitality Industry Technology Update: “Security Flaw In Hotel Wi-Fi Routers Could Put Devices At Risk”

Filed under Crime, Guest Issues, Hotel Industry, Management And Ownership, Risk Management, Technology, Theft

Tagged as , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

by | August 14, 2013 · 1:25 am

Hospitality Industry Information Risks: “Cyber-Risk Insurance” Protects Businesses Against “Data Breaches”

…CFOs are looking for insurance against cyber threats. In the past few years,  cyber-risk coverage has become one of the fastest- Cyber Risk Insurance Graphicgrowing businesses for insurers…Businesses, government agencies, hospitals and schools in  the U.S. reported 343 data breaches this year through July, reports CFOJ’s  Maxwell Murphy. That exceeds the number reported in all of 2006 and puts 2013 on  pace for 588 breaches, the most since 2010…”

Data breaches have been on the rise after a dip in the past two years, and experts say the publicly disclosed breaches of computer networks may be only a  fraction of the total.

Cybersecurity used to be something that Ciena CFO James Moylan Jr. delegated. But now he spends as much as 10% of his time making sure  Ciena and its technologies are protected from hackers, cutthroat competitors and other potential cybercriminals. “With all the things that have been in the  news—hackers and, frankly, the Chinese—it’s all caused us to think about” how to cut the potential cost of a data breach, he says. The average cost of a breach  is about $188 per stolen record, and the average loss per incident is $9.4 million, according to a study last week from the Ponemon Institute.

For more:  http://stream.wsj.com/story/latest-headlines/SS-2-63399/SS-2-300092/

Comments Off on Hospitality Industry Information Risks: “Cyber-Risk Insurance” Protects Businesses Against “Data Breaches”

Filed under Crime, Guest Issues, Insurance, Liability, Management And Ownership, Risk Management, Theft

Tagged as , , , , , ,

by | March 31, 2013 · 1:33 am

Hospitality Industry Data Security Risks: Hotels Are At Significant Risk Of “Large-Scale Hacking” Of Guest Personal Information, Including Information In Reservation Systems

“Data security is becoming an issue of significant importance in the hospitality industry…(because of) an increase in hacks and malware attacks, which frequently target hotel systems because they’re a rich source of cybercrime in hotelspersonal information… hackers aren’t just targeting data on hotel systems but also the information passed along to reservations systems…credit card theft is much easier — and more likely — through large-scale hacking…another reason hotel guests are vulnerable to having their personal information stolen: They’re easily distracted.”

Several days after Traci Fox visited a small independent resort in the Catskill Mountains, she received an unexpected call from a shoe store. Where did she want it to ship the $400 worth of pricey sneakers that she’d ordered?

Fox believes that her hotel may have compromised her credit card information. At least one government agency shares her concerns. Last summer, the Federal Trade Commission sued Wyndham Hotels, alleging that the company had failed to protect its customers’ personal information. As a result, the FTC claims, hundreds of thousands of credit card numbers fell into the wrong hands, leading to millions of dollars in fraud-related losses. Wyndham denies any wrongdoing and is fighting the suit.

The problem may run deeper than the theft of credit card numbers, however.

The personally identifiable information in your guest profile, such as your home address, your license plate number and your date of birth, which is attached to your reservation, can end up in the hands of a third party that offers little or no warranties about how it will protect your data. “These kinds of areas are more worrisome than some huge Visa bill,” says hotel consultant Marion Roger. “Once your identity has been cloned, you can easily spend years and hundreds of thousands in legal and other fees.”

For more:  http://www.washingtonpost.com/lifestyle/travel/the-navigator-when-you-check-in-your-private-information-may-be-checked-out/2013/03/28/07cb90ca-9599-11e2-bc8a-934ce979aa74_story.html

Comments Off on Hospitality Industry Data Security Risks: Hotels Are At Significant Risk Of “Large-Scale Hacking” Of Guest Personal Information, Including Information In Reservation Systems

Filed under Crime, Guest Issues, Liability, Management And Ownership, Privacy, Risk Management, Technology, Theft

Tagged as , , , , , , ,

by | March 7, 2013 · 7:18 am

Hospitality Industry Payment Risks: Hotel Tech Trade Association Releases “Secure Payments Framework For Hospitality”; Best Practices Advocates “Tokenization” And “Removal Of All Guest Credit Card Data From Systems”

Hospitality Industry Secure Payment Framework-page-001

Click on “Hospitality” to view online

Hospitality Industry Secure Payment Framework Executive Summary-page-001

For more:  http://www.scmagazine.com/hotel-tech-trade-association-offers-best-practices-for-reducing-payment-card-risk/article/283129/

Comments Off on Hospitality Industry Payment Risks: Hotel Tech Trade Association Releases “Secure Payments Framework For Hospitality”; Best Practices Advocates “Tokenization” And “Removal Of All Guest Credit Card Data From Systems”

Filed under Crime, Guest Issues, Insurance, Labor Issues, Liability, Management And Ownership, Risk Management, Technology, Theft

Tagged as , , , , , , ,