Ransomware Infects a Hotel's Key System (dailymail.co.uk)
An anonymous reader writes:
A luxury hotel paid "thousands" in Bitcoin ransom to cybercriminals who hacked into their electronic key system. The "furious" hotel manager says it's the third time their electronic system has been attacked, though one local news site reports that "on the fourth attempt the hackers had no chance because the computers had been replaced and the latest security standards integrated, and some networks had been decoupled." The 111-year-old hotel is now planning to remove all their electronic locks, and return to old-fashioned door locks with real keys. But they're going public to warn other hotels -- some of which they say have also already been hit by ransomware.
UPDATE: The hotel's managing director has clarified today that despite press reports, "We were hacked, but nobody was locked in or out" of their rooms.
Critical infrastructure DOESN'T NEED ACCESS TO A PUBLIC INTERNET.
Governments, utility providers, MILITARIES! All of them have publicly accessible computers. WHY?
Welp folks, since we're not willing to use common sense in deploying our electronic systems to ensure their security and integrity, we're going to abandon digital and go back to mechanical.
"Common sense" is not very "common" at all when it comes to electronic systems, and it's even less common when it comes to computer security. The vast majority of people -- even those running big businesses -- simply have no clue how computers or networks or whatever work in any detail. So how can they have "common sense" about them?
And I think it's only getting worse. Interfaces on computers and electronics keep getting "simpler" with more information hidden from the end user. These changes are often pushed by companies that have a strong interest in keeping their users ignorant of things like security, because it allows them to continuously steal their users' data and information. So, a normal "user" who encounters technology on an everyday basis is going to get dumber about security if trends of the past couple decades continue. "Common sense" about such things will get even more rare.
Seriously -- obviously an air-gapped system is an easy solution here, but do you realize that most people don't even understand what that means? I've had lots of conversations with people who still can't even tell the difference between local applications/data and the internet... and cloud interactions are further blurring such distinctions all the time, so there's little benefit for most people in trying to understand such distinctions. All the people working at the hotel are going to say is, "Huh? Why can't I check my email on this computer?? It's broken!"
The problem wasn't the electronic key system. The problem was the hotel stupidly made their electronic key system (or at least the server) accessible from the public Internet.
I used to work at a hotel and helped select one of these key card systems for purchase (I wasn't around for the installation). You're supposed to keep it on a separate and isolated network specifically to prevent problems like this. The system is completely self-contained and internal. Nothing else needs access to it, and you don't need to have access to anything else from it. The person using the key card server doesn't need to be able to browse their Facebook page on it. The only data being entered into it should be the front desk staff keying in the guest's name and dates of stay so that a new key card can be generated and the lock for that room reprogrammed.
Physical keys at hotels were/are a huge problem because anyone can make a copy of the key. Theoretically a guest could make a copy to access the room at a later date. But more commonly, one of the maids (who have master keys so they can access all rooms) makes a copy, gives it to someone else, who then goes into the rooms and steals stuff when the maid is off-duty (so as not to arouse suspicion as to who copied their key). Changing the locks is expensive and doesn't help, because the corrupt maid simply makes a copy of the new key. It's cheaper to make a copy of a physical key than it is to change all the physical locks. OTOH, it's cheaper to change all the electronic lock keys than it is to make a copy of the newer RFID key cards. Switching back to physical keys is a huge step backwards in security.
"We were hacked, but nobody was locked in or out," said the hotel's Managing Director Christopher Brandstaetter. "For one day we were not able to make new keycards." "Since the locking system must work even in the event of power failure, the guests in the hotel almost did not notice the incident," the manager also added. "We simply could not issue new keycards because the computers were encrypted."
"First they came for the slanderers and I said nothing."
What *are* you on about with the breaking glass bullshit? Next time you're in a hotel room close the door and put the card in your pocket. Then slowly turn the handle. At about 30 or so degrees you'll feel a bit of resistance. That's the mechanical override (I assume it's a lever or cam[1]) engaging. Turn it some more and hey presto, the door unlocks.
[1] I'll take a set of screwdrivers on my next road trip.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
We have electronic locks at work, and they are on the Internet. They are VLAN'd and firewalled off but they are still on the Internet because the company that administers them is remote. You can argue we should do it ourselves and I'd agree, but that is the arrangement. However every single one can be overridden on the inside with the handle. The locking mechanism is just that it basically unlocks the door frame so you can push it open from the outside with the electronic lock. Inside, you can always use the handle to override.
The reason is, as you say, fire code. All our doors always open towards the outside, no matter what. Old lock and key doors are the same. You will find a door with a Medeco lock on the outside that can't be permanently unlocked, only turned to move the bolt, but on the inside it is just a bar you push to open it up. No matter where you are in the building, you can always get out just by following the doors that will open manually with no key/code. The locks are for locking people out, not in.
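One way to implement the isolation the two posts above describe (a key-card server on its own segment, reachable only from the front desk, with any vendor remote administration confined to a VPN rather than exposed on the public internet), as an added example that is not from the page, the hotel, or any lock vendor: an nftables forward policy on the firewall that routes the segments. Every interface name, address and port here is an assumption.

```nftables
# Added example, not from the page. Assumed topology:
#   vlan10 = front-desk workstations, 10.10.0.0/24
#   vlan20 = key-card server 10.20.0.5, application on TCP 4433 (assumed port)
#   wan0   = uplink to the public internet
#   wg0    = VPN tunnel terminated on the firewall; vendor peer is 10.200.0.2
table inet keycard {
    chain forward {
        # default is to drop anything not explicitly allowed below
        type filter hook forward priority 0; policy drop;

        # replies to connections permitted by the rules below
        ct state established,related accept

        # front desk may open only the key-card application port on the server
        iifname "vlan10" oifname "vlan20" ip saddr 10.10.0.0/24 ip daddr 10.20.0.5 tcp dport 4433 accept

        # vendor remote administration: only from the VPN peer, only to the
        # server, only on the admin port. No rule ever lets wan0 reach vlan20
        # directly, so the server is never internet-facing.
        iifname "wg0" oifname "vlan20" ip saddr 10.200.0.2 ip daddr 10.20.0.5 tcp dport 22 accept

        # the key-card segment initiates nothing: no internet, no other VLAN.
        # Logging this is the detection hook: a hit means something on the
        # server is trying to call out (e.g. ransomware staging or C2).
        iifname "vlan20" log prefix "keycard-egress-drop: " drop

        # everything else is logged and falls to the chain policy
        log prefix "keycard-fw-drop: " drop
    }
}
```

Load with `nft -f` and watch the kernel log for the two prefixes: the egress prefix should stay silent in normal operation, which is what makes it a useful alarm.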