Hotel’s security flaws exposed
     2014-July-22  08:53    Shenzhen Daily

    LAST year, Spanish black hat hacker Jesus Molina stayed at the St. Regis Shenzhen hotel and found that he was able to hack into electronics in all of the hotel’s 250-plus rooms by using the iPad given to each guest to be used as a digital “butler,” according to a report published July 17 by Wired magazine.

    Molina was able to use the iPad-operated digital “butler” application at the five-star Shenzhen St. Regis hotel to control any of the rooms’ thermostats, lights, blinds and TVs, as well as the digital “Do Not Disturb” signs found on each door — all from the bed in his room. Molina stayed for two days and changed rooms four times for the investigation.

    The hacker found that the iPads provided to every room were running an old communication protocol called KNX that was unencrypted, making it easy for him to access private parts of the system, even from outside the hotel itself.

    “I could have changed every channel in every room so everybody could watch soccer with me, but I didn’t,” Molina said in the report. “Guests make assumptions that the channel they are using to control devices in their room is secure.”

    Molina, a native Spaniard who works as an independent security consultant in the U.S., said that assumption is just plain false.

    The system St. Regis is using is intended to be used on wired networks, but at the hotel it’s being used wirelessly, making it quite accessible to hackers. Other hotels use the same system, added Molina.

    “The KNX/IP protocol provides no security, so any hotel or public space that (has) deployed it on an insecure network will make it easy to exploit.”

    St. Regis also sends these commands over the same open wireless network that guests use to surf the Internet, making it easy for anyone else within wireless range to monitor traffic and change commands. “I didn’t have to be in the hotel to do what I did,” said Molina. “I could have done it from anywhere. I could use a very big antenna from the next building.”

    The protocol is commonly used in hotels and other places in Europe, he said. “Other hotels that have the systems have probably committed the same problem, because most of them have this same wireless connection,” he said. “I believe most of them will all be accessible.”

    The issue, however, goes beyond just the protocol and the use of an open wireless network. The St. Regis Shenzhen also didn’t authenticate the iPads in any way, so a hacker could install the butler application on his own laptop and use it to send commands to the devices in that room. With a little more work, he said he could write a program to control the devices in other rooms while using his laptop from anywhere in the world.

    Using the iPad as a proxy, he could send remote commands to devices in the rooms. “I could be in Berlin and the iPad could make me able to switch on the lights in the hotel at 3 a.m. from there,” he said.

    Molina will be sharing his findings at the Black Hat security conference in August. He also shared his discovery with the hotel’s chief of security, who acknowledged the problem and said they are working to solve it.

    (SD-Agencies)
