Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hotel ISP iBahn Denies Breach By Chinese Hackers

Posted by timothy on from the just-hired-new-typographers dept.

alphadogg writes "iBahn, a provider of internet services to some 3,000 hotels worldwide, denied on Thursday a news report that its network was breached by hackers. Bloomberg wrote that a highly skilled group of hackers based in China, which U.S. investigators have called 'Byzantine Foothold,' attacked iBahn, citing unnamed sources, including one U.S intelligence official. In a written statement, iBahn said it was aware of the allegations in the news report but it had 'not found proof of any breach on the iBahn network.'"

30 comments

  1. Posting's Title is Misleading by SoothingMist · · Score: 4, Insightful

    'not found proof of any breach on the iBahn network' is not at all the same as saying that a breach did not take place.

    1. Re:Posting's Title is Misleading by Anonymous Coward · · Score: 0

      You placement the guts section upon your throat and then change the software till ones biceps are around the item plus the many other conclude from it is scheduled within your cheap hair straightener. Effortless, proper? The check is fantastic for to start a date occasion. It is easy to put on the little black dress along with set highlight with it by way of putting together this kind of group headscarf on a shawl. You'll not primarily appearance for that reason smart as well as cheap hair straightener, you may look and feel toasty as well as comfy specially on top of a cold particular date.

  2. No proof != no proof by vikingpower · · Score: 2

    If iBahn finds no proof of a breach, the hackers were really good....

    --
    Religous speak to God. Insane are spoken to by God. When all shut up, one can finally hear Shostakovich in peace
  3. How fast are you allowed by Compaqt · · Score: 0

    to go on the "i"-Bahn?

    --
    I'm not a lawyer, but I play one on the Internet. Blog
  4. One Fine Day .. by ackthpt · · Score: 0

    1,500,000,000 chinese hackers walked into a hotel.

    "It's not every day we see 1,500,000,000 chinese hackers walk into my inn," said the surprised innkeeper.

    "And with these room rates you don't see many more!" stated the 1,500,000,000 chinese hackers.

    --

    A feeling of having made the same mistake before: Deja Foobar
  5. Reminds me of the old by Anonymous Coward · · Score: 1

    Juror: Senator. Is it true that you beat your wife?
    Senator: What on earth? No!
    THE DAILY HEADLINEGRABBER leads with
    "Senator Denies Wife Beating"

    1. Re:Reminds me of the old by Anonymous Coward · · Score: 3, Funny

      The more typical example is (in internet form form):

      Have you stopped beating your wife? (required)
      o Yes
      o No

  6. Re:Posting's Title is Pretty much spot on by Qzukk · · Score: 4, Insightful

    The post title is exactly what iBahn is claiming. The Iraqi information minister would be proud.

    --
    If I have been able to see further than others, it is because I bought a pair of binoculars.
  7. I'm not sure they would be able to tell... by jafo · · Score: 5, Funny

    I've had the pleasure of working with iBahn in the past at conferences. They don't have the sharpest techs I've dealt with. For example, I had a tcpdump of their DHCP server handing out a lease with the gateway in a different network*. Obviously, this didn't work... "Well, I can reboot all the APs for you..." Now, the APs weren't doing DHCP...

    So, iBahn is saying they "haven't found any breach"? I'm not convinced that their lack of finding it is an indication that it hasn't happened. I wonder what equipment they've rebooted trying to find it. :-)

    (* Details: the DHCP server handed out an address like 10.1.1.2 in a /24 network, and the gateway was 10.5.254.254. These are rough approximations, not the exact IPs, but give you an idea)

    1. Re:I'm not sure they would be able to tell... by Anonymous Coward · · Score: 1

      I work with iBahn regularly, and other hotel ISPs (generally called HSIA providers in the industry; short for High Speed Internet Access). Their Tier 1 and Tier 2 technicians are never that sharp. As always there are exceptions but their help desk agents. Not NOC specialists. Generally the senior engineers are pretty sharp at these places, once you work at them for a bit and make them really think about an issue instead of trying to pass the buck off to someone else.

      Anyways, you don't seem to know as much about network setups as you think. Having multiple DHCP pools is par for the course at public venues. Generally speaking you don't want guest users on the same network as your core equipment. Hell, for the Nomadix AG3100 (one of the most common hospitality gateways in the US) generally has guests on a 172.x.x.x network and a separate 10.x.x.x network for networking equipment. I've seen 4 different vendors use that same kind of layout.

      I generally butt heads with HISA providers but you were wrong on this point so felt I should defend them.

    2. Re:I'm not sure they would be able to tell... by Anonymous Coward · · Score: 1

      I can't find my login, so anonymous it is....

      Please explain to all reading how exactly you can have your first router hop outside of your broadcast range.

      Note: He said a /24 network, which in his example would have a subnet mask of 255.255.255.0 and the broadcast range would be 10.1.1.255. How is the guest machine supposed to get to the first router (10.5.254.254) if it is outside of the /24 subnet? If this was a larger network, /8 for example, that would be fine...stupid for a hotel, but fine.

    3. Re:I'm not sure they would be able to tell... by mikael_j · · Score: 2

      You do realize his point was that it handed out an unreachable gateway, right?

      --
      Greylisting is to SMTP as NAT is to IPv4
    4. Re:I'm not sure they would be able to tell... by jafo · · Score: 1

      The statement "you don't know as much about X as you think", as we see here, is generally a good indication that you are about to say something really stupid. :-)

  8. The question is ... by fsckmnky · · Score: 2

    Is being "attacked" by {hacker group x} the same as being "breached" by {hacker group x} ?

    I think one can be attacked, and not be breached, if the attack was repelled successfully by whatever security measures were in place.

    1. Re:The question is ... by Ihmhi · · Score: 1

      It's like the square shape rule. A square is both a square and a rectangle, but a rectangle is not a square. Similarly, a breach implies a successful attack, whereas an attack alone was obviously repelled (as there was no breach). So, it's an attack and breach.

      --
      Random Thoughts From A Diseased Mind (Not For Dummies)
    2. Re:The question is ... by fsckmnky · · Score: 1

      The government official said the company was "attacked."

      The company spokesperson said the company was "not breached."

      Perhaps the government official let some inside info slip.

      There was some commenter controversy over whether the statements conflicted with each other.

      At this point it's difficult to claim a statement conflict exists.

  9. Re:Posting's Title is Pretty much spot on by moderatorrater · · Score: 3, Insightful

    No, it's not. iBahn is saying they have no proof that it happened and that they're investigating, which is all they can do. They're not denying a break in, they're giving the best information they can.

  10. Then there's the problem of WiFi by TheLink · · Score: 1

    Given the current state of WiFi it's hard for hotels,cafes, conferences to provide WiFi access to guests and not have them able to snoop on each other's traffic.

    IIRC you can use WPA2 Enterprise (the rest are crackable), but that means the guests have to login. In theory you can give all the guests the same username and password (with WPA2 Enterprise I think they won't be able to decrypt each other's traffic even if they had the same username and password but this is not true if it was the WPA2 shared key crap).

    But the problem then is the guests would have to know what username and password to use. So this is where you'd need help from Microsoft, Apple, etc to set up a standard for WPA2 Enterprise guest accounts, much like the defacto "ftp" accounts for anonymous access.

    Of course there would still be the problem of MITM attacks - attackers could setup an AP that pretended to be the hotel's AP, so perhaps you'd need some certs/fingerprints or other way to verify the APs.

    --
    1. Re:Then there's the problem of WiFi by jmauro · · Score: 1

      I'd rather just have it unencrypted as an access point, there is less trouble that way. If you're using a 3rd party for your network transit you can pretty much assume that it's insecure. If you're really worried run a VPN over it.

    2. Re:Then there's the problem of WiFi by TheLink · · Score: 1

      Not helpful from the perspective of a hotel trying to provide a better WiFi service to guests.

      --
  11. bloomberg got it wrong, or OP did by Anonymous Coward · · Score: 0

    "Byzantine Foothold" is not a hacker group, it';s part of the US's Cyber Defense mess. Oh, wait..

  12. It's not a breach... by Anonymous Coward · · Score: 0

    It's not a breach if they stayed at one of the Inns...

  13. Where do press stories come from Mommy? by Slur · · Score: 1

    Wait, so if they haven't found any breach, but some "unnamed intelligence official" told the press that they have, and the press is reporting that they have... well, where did the story come from and how did it get so much traction if iBahn doesn't even know about it?

    Wait, could this be just another piece of anti-Chinese, anti-communist propaganda being floated by the American press? Of course not! We don't have propaganda and psy-ops here in the USA!

    --
    -- thinkyhead software and media
    1. Re:Where do press stories come from Mommy? by Anonymous Coward · · Score: 0

      where did the story come from and how did it get so much traction if iBahn doesn't even know about it?

      I tried to figure this out yesterday and got no where. The names of the two reporters was as far as I got. The whole story sounded very fishy, but I just figured it was a security company behind the scare mongering.

    2. Re:Where do press stories come from Mommy? by Anonymous Coward · · Score: 0

      This was part of the RSA-related breach from a while back...remember the imfamous 760 company hack?

    3. Re:Where do press stories come from Mommy? by rtb61 · · Score: 1

      A quick easy guess here. The Chinese whilst developing a skill a cracking other countries networks are still largely ineffectual at securing their own.

      US intelligence services making use of some very professional hackers at NSA http://en.wikipedia.org/wiki/Nsa, were able to hack into China's security services networks and basically find and monitor China's computer network cracking efforts.

      There have been so many backdoors hacked into China's intelligence network services that they are likely better scrapping the whole network and starting again. Problem of course is, whilst the government of China has found greed to be such a useful tool in gaining access to overseas networks is equally vulnerable to the same tactic.

      It's so funny when the most secure and expensive, tens of millions of dollars worth, computer network can be cracked, often permanently (hardware, wiring) by nothing more than say a $10,000 bribe.

      Best security when it comes to the internet, air gap, if it absolutely doesn't need to be connected to the internet than don't bloody connect it. Any network security person that saves pennies to spend pounds needs to be fired and where ever possible go with parallel networks and hardware, internal and external. Internal desktops, hard wired, all data imported or exported done at a secured station audited and verified. External, cheap smart books for email/internet et al, meh, who cares, wireless and rebuild as necessary.

      --
      Chaos - everything, everywhere, everywhen
  14. Re:Posting's Title is Pretty much spot on by Jawnn · · Score: 1

    I see that you have "corporate double-speak" as a second language, my friend. Allow me to translate for you...
    "no proof..." actually means "no proof that we can not escape admitting to" or the more concise "no 100% certain proof". Either is accurate because, in 48-72 hours, they will finally have to admit that yes, "It does appear that certain parties gained unauthorized access to certain portions of our network, though it remains unclear just what data may have been compromised." And of course that's the standard way of easing into "Yes, they stole the personal data and credit card details of about sixty-five million of our customers."

  15. Re:Posting's Title is Pretty much spot on by Galestar · · Score: 0

    Or the Ministry of Truth back home in the good ol' U.SofA a.k.a the 6 media conglomerates.

    --
    AccountKiller
  16. Too Late! by Anonymous Coward · · Score: 0

    So da ne. Laitozu ne.

    Bai bai ... doumo ... yoroshiku ne.

    LoL