Tag Archives: Wireless Networks

Hospitality Industry Technology Risks: Hotel Wi-Fi And LAN Networks Remain Vulnerable To Being Hijacked

“Whether it’s paid or not, whether there’s a password involved or not, nearly all of them are completely unsecure,” he said. “The reason that Wi-mobile technologyFi hotspots put passwords on their Wi-Fi is not to protect the individual, but rather to limit usage…LAN technology evolved years ago for use within organizations where security was never thought to be a major issue. The result is that most of today’s LANs can be hijacked, and all communication can be easily captured and stored on an unseen laptop.”

Private Communications Corp., a Connecticut-based digital-security company, reports that more than half of the 24 million Wi-Fi networks thought to exist worldwide are unencrypted, meaning they’re effectively open to anyone within radio range.

That statistic is particularly alarming when juxtaposed with another from the same company: In the United States, an estimated 43 million people use Wi-Fi hotspots to conduct personal or professional business.

Lawson said travelers should be wary even when connecting directly to a local area network, or LAN, offered by, say, a big-name hotel.

For more:  http://www.dispatch.com/content/stories/business/2013/07/14/on-vacation-your-hotel-wi-fi-might-be-vulnerable-to-hacker.html

Comments Off on Hospitality Industry Technology Risks: Hotel Wi-Fi And LAN Networks Remain Vulnerable To Being Hijacked

Filed under Crime, Guest Issues, Liability, Management And Ownership, Risk Management, Technology

Hospitality Industry Information Security: Study Finds Hotels Are "Prime Targets" For Financial Data Theft; "Infiltration Of Smartphones Through Bluetooth Technology"

“…Hotels also are prime targets for people looking to steal financial data. In a study of 200 data-breach cases, Trustwave’s SpiderLabs, the online security company’s research arm, found 38 percent occurred at hotels or resorts…”

Two key challenges for travelers involve the use of unsecured wireless networks at hotels, airports and other public venues and the infiltration of smartphones through Bluetooth technology.

Identity theft can be a rude awakening for many business travelers. Last year, identity theft made up 19 percent of the 1.3 million complaints stored in the Consumer Sentinel Network, a secure online database available to law-enforcement agencies.

Experts say business travelers are especially vulnerable because they increasingly rely on electronic devices that easily can be lost or hacked. Credant Technologies, a data-protection company, found that travelers have lost 11,000 mobile devices at the busiest U.S. airports this year, 37.5 percent of them laptops and 37.2 percent tablets or smartphones.

“You are 15 times more likely to have your identity stolen than to have your car broken into,” said Todd Davis, chairman and CEO of LifeLock, an identity-theft protection company.

For more:  http://www.delawareonline.com/article/20111218/BUSINESS/112180321/Identity-theft-risk-increases-when-traveling?odyssey=mod%7Cnewswell%7Ctext%7CBusiness%7Cs

2 Comments

Filed under Crime, Guest Issues, Liability, Management And Ownership, Privacy, Risk Management, Technology, Theft

Hospitality Industry Privacy Risks: Mobile Phone Carriers Confirm That Mobile Devices "Integrate Tracking Software" That Reveals User's Location

“…AT&T, Sprint, HTC, and Samsung today confirmed that their mobile phones integrate a controversial piece of tracking software from a company called Carrier IQ..”

“…the software can be tweaked to gather more intrusive data about a user’s location, the software and applications on the device, which keys are being pressed and what applications are in use…”

[youtube=http://www.youtube.com/watch?v=T17XQI_AYNo]

Both wireless carriers AT&T and Sprint insisted that the software is being used solely to improve wireless network performance while phone makers HTC and Samsung said they were integrating the software into their handsets only because their carrier customers were asking for it.

Meanwhile, several large carriers and handset makers, including Verizon, Research In Motion, and Nokia, distanced themselves from the software and insisted that reports about their devices integrating the tool are false.

The controversy began last week when independent security researcher Trevor Eckhart published a report disclosing how Carrier IQ’s software could be used by carriers and device makers to conduct surreptitious and highly intrusive tracking of Android and other smartphone users.

Eckhart described the software as a hard-to-detect and equally hard-to-remove rootkit that could be used by carriers and phone makers to collect almost any kind of data from a mobile phone without the user’s knowledge. Eckhart said his research showed that Carrier IQ’s software was often enabled to run by default on several mobile devices including those from Samsung, HTC, RIM, and others.

A lot of the information collected by Carrier IQ is designed to enable mobile operators and device vendors to quickly identify and address quality and service-related issues.

For more:  http://www.macworld.com/article/163982/2011/12/atandt_sprint_confirm_use_of_carrier_iq_tracking_software_on_mobile_phones.html

Comments Off on Hospitality Industry Privacy Risks: Mobile Phone Carriers Confirm That Mobile Devices "Integrate Tracking Software" That Reveals User's Location

Filed under Guest Issues, Liability, Management And Ownership, Privacy, Risk Management, Technology

Hospitality Industry Internet Security Risks: Hotels Can Offer Wireless Internet With WPA2 (Wi-Fi Protected Access 2) To Offer Guests Greatest Wireless Security

IS WIRELESS INTERNET IN HOTELS SAFE?

  • The short answer is: No. Wi-Fi was born to be convenient, not secure. Unsecured, unprotected wireless is everywhere. When a device connects to unprotected Wi-Fi, all the data stored on that device is available to a hacker with the proper sniffing tools.
  • The longer answer is: It depends on what kind of wireless that is provided.
  • Free, unsecured Wi-Fi is the least secure. Any Wi-Fi connection, whether in public, at home, or in the office, that is shared with anyone with any wireless device, lacks encryption of the data packets streaming from the connected devices.
  • A simple Firefox add-on called Firesheep can allow anyone with a Firefox browser to sniff out other devices using the same Internet connection, and to spy on their browser activity. Even if the victim’s login is encrypted, once they visit an unencrypted site, their data becomes vulnerable.
  • Wi-Fi with a WEP encryption is slightly more secure. Wired Equivalent Privacy was introduced in 1997 and is the original version of wireless network security. But WEP has been cracked, hacked, and decimated.
  • Wi-Fi with a WPA encryption is better. Wi-Fi Protected Access is a certification program that was created in response to several serious weaknesses researchers found in WEP, the previous system. WPA and WPA2 are tougher to crack, but not impossible.
  • Mobile Broadband has a degree of encryption that has been cracked, but the necessary hardware isn’t widely deployed by criminals. Researchers have demonstrated how the system can be hacked, but it’s still more secure than other options.
  • WPA2 Wireless Internet IS THE MOST SECURE 

For more:  http://advice.cio.com/robertsiciliano/14923/hacking_wireless_for_identity_theft

Comments Off on Hospitality Industry Internet Security Risks: Hotels Can Offer Wireless Internet With WPA2 (Wi-Fi Protected Access 2) To Offer Guests Greatest Wireless Security

Filed under Guest Issues, Management And Ownership, Risk Management, Technology, Theft

Hotel Industry Risk: Cybercrime Has Targeted Hotel Wireless Networks To Steal Credit Card Information

Travelers staying in hotels might want to carefully check their credit card statements for fraudulent charges in the months following the stay. According to recent reports, cybercriminals across the globe have a new favorite target: the wireless networks of hotels.

(From a CreditCardGuide.com article)  While financial services companies used to receive the bulk of hacker attacks, last year hotels emerged as the new choice target among hackers-out of 218 breaches in a total of 24 countries, 70 of those breaches took place through hotel networks, according to a report by security firm Trustwave SpiderLabs.

Internet security experts believe that hotel hacking attacks started to catch on at the end of 2008, when a sophisticated cybercrime organization broke into a hotel network to steal information and discovered just how easy it was to do. Even larger hotel chains are often poorly protected against cybercrime dangers, making it very easy for hackers to gain access to one computer and then use it as a doorway into the hotel’s central computer system, from where they can lift the credit card data of guests staying at the hotel along with other sensitive information.

Once hackers have retrieved the data they need, the cybercriminals waste no time turning the lifted credit card information into profit. Using high-tech equipment, hackers can easily clone credit cards, complete with a magnetic strip containing the stolen data. The cards are indistinguishable from the real thing and can be used in physical stores leaving behind few traces that can be used to track down the fraudsters.

It often takes hotels months before they notice the hack-last year, the average time between a security breach and discovery was over five months. In many cases, it is credit card companies, as opposed to the hotel chain, who first notice the unauthorized activity. Long after hackers make off with their bounty, credit card companies triangulating fraud reports discover that multiple individuals affected by fraud stayed at a specific hotel just prior to the credit card theft.

As awareness of hotel data breaches rises, many of the larger chains are stepping in to step up security. However, consumers should remain on alert: hacker’s aren’t about to give up this new lucrative target. Just this week, Wyndman Hotels, which operates chains including Days Inn, Ramada, and Howard Johnson reported its third breach in the past 12 months.

If you travel often or frequent hotels, make sure to monitor your credit card accounts. If strange activity shows up, contact your card issuer immediately. While credit card companies, ultimately, are on the hook for fraudulent charges, you do have to report unauthorized activity, and catching credit card fraud early can save much time and hassle down the road.

http://www.creditcardguide.com/creditcards/travel/staying-hotel-watch-credit-cards-231/

Comments Off on Hotel Industry Risk: Cybercrime Has Targeted Hotel Wireless Networks To Steal Credit Card Information

Filed under Crime, Insurance, Liability