…that hotel wireless connection might be giving you more than access to your email.

A recent report by the FBI has exposed a new threat to users of hotel wireless networks. They report that a sophisticated attack has been uncovered whereby hackers have been able to compromise the wireless networks used by a number of chains of hotels.

The attack works by wireless users connecting to the hotel network and then after successfully connecting to the internet being prompted to install an innocent looking update from a trusted provider. Something like a Flash update from Adobe might be a candidate – something you might normally trust and expect to see given the number of security updates that we are all prompted to install. This update is actually a fake and carries malicious code.

The next part is to my mind the most frightening. The attack that the FBI warning about is not your normal phishing attack to scam your bank details, which is bad enough of course. It is instead (it is speculated)  the Chinese state installing spying software on your laptop to monitor your email, steal your Gmail passwords, installing keyloggers and trying to exfiltrate your documents. They are after business people sat in their hotel rooms at the end of a day updating their headquarters with the days progress – updates on miltary sales, the latest technology advances, economic data, etc.

This is clever becasue they have targetted the big worldwide hotel chains that rollout the same wireless access solution across the board. Find a hole in the security of one wireless system and you have access to all those business people across the globe.

The FBI helpfully give this advice;

“The FBI recommends that all government, private industry, and academic personnel who travel abroad take extra caution before updating software products on their hotel internet connection,” IC3 warns. “[Check] the author or digital certificate of any prompted update to see if it corresponds to the software vendor may reveal an attempted attack.

“The FBI also recommends that travellers perform software updates on laptops immediately before travelling, and that they download software updates directly from the software vendor’s website if updates are necessary while abroad.”

Good advice for large corporates with dedicated I.T. teams to look after security but likely to be beyond the resources of most small and medium business travellers.

Just to cheer you up there are other documented attacks from compromised public/hotel wifi access points from your normal Russian gangsters and scammers after your bank details and using your computer to send spam and launch denial of service attacks by the way.

Also at least one techie blogger has reported that the hotel chain he stayed at actually used technical equipment to inject adverts in to all web content accessed through the hotel wireless although once he discovered the practice the hotel chain in question removed this ‘service’.

Be careful out there as they used to say on Hill Street Blues.

 

Mark T

 

 

by hostadmin on May 14, 2012 at 11:36 PM

Comments are closed.