Hackers exploit hotel Wi-Fi
Poorly secured Wi-Fi networks at hotels are enabling cybercriminals to steal guests’ private information, warns PricewaterhouseCoopers (PwC). The security of guest information and operational technology has emerged as a business risk for the hotel industry, according to PwC’s Hospitality Outlook 2015-2019. “For business travellers, access to fast and lowcost Internet is a must have. But these Wi- Fi connections are not always secure. And that is a security gap that cyber criminals are making use of,” says Nikki Forster, hospitality industry leader for PwC, Southern Africa. PwC says cybercriminals are targeting hotel networks and infecting computers with an aim to steal personal information of guests. Techniques that hotel hackers use range from the mathematical to crypto-analytical says PwC. “This is usually done by hackers waiting for guests to check in and log on to the hotel Wi-Fi by usually submitting their room number and surname,” says Veneta Eftychis, senior manager, PwC hospitality and gaming industry. “Thereafter the hotel guest gets tricked into downloading and installing a so-called backdoor file, which pretends to be an update for legitimate software, such as the Google Toolbar or Adobe Flash.”
PwC explains that unsuspecting guests could risk downloading this hotel ‘welcome package’ only to infect their machines with spyware. South African hotels were also targeted by fraudsters in 2012 and 2013 who used malware known as Dexter. The malware skimmed and transmitted credit cards’ magnetic-strip information, allowing clones to be made.