The Los Angeles Times today has an article headlined “Ensnared on the wireless Web” that details how “Hackers’ latest tactic to steal information is setting up fake hotspots that users unwittingly use to access Internet”. The FBI is on to it as according to Geoff Bickers, a special agent of the agency “People who think they are signing on to the Internet through a wireless hotspot might actually be connecting to a look-alike network, created by a malicious user who can steal sensitive information”.
Hotels that do not have adequate enterprise level firewalls at the POP and the property end itself are likely to inadvertently facilitate the hackers malevolent designs. In the case of hotel guest Mark Loveless the LA Times article notes “just one letter separated security from scam”. When the guess logged on to his hotel’s free wireless Internet in San Francisco last month, he had two networks to choose from with both having same name separated only by a lowercase and uppercase letter. The guest chose uppercase as he had done on an earlier occasion but noted a difference when the second time when a screen popped up asking for his log-in and password. As Mr. Loveless was a security analyst, he immediately disconnected particularly since he was a former hacker. He apparently knew an attack when he saw one!
While hacking is eons old in internet terms, the mutations are dizzying both in terms of rapidity and complexity. Another means of getting proprietary information of hotels and their guests is infra-red systems. IInadequate hotel infra-red systems can result in hackers being able to read other guests’ emails, watch in-room movies for free and even put false charges onto other guests’ accounts! The crooks in this instance use infrared connections to a hotel’s web-enabled TV to filch the data and obtain personal financial information when a guest uses web-enabled TVs. Fortunately, since those systems are notoriously slow and inefficient most guests do not use them but that should not result in management complacency. The TV remote uses infra-red to communicate but seldom do they have codes designed to thwart insidious hackers.