Image: Bloomberg, Inkee Wang
Bloomberg has an interesting piece that follows a group of consultant hackers trying to hack a hotel. The piece describes the usual targets that allow would be hackers to gain access to a hotel's physical infrastructure, such as isolated POS systems, smart TV internet ports or even ports for automated window blinds. The holy grail of hotel hacking is accessing the hotel's Property Management System (PMS), which would give the hackers control of all the hotel's reservations including customer and credit card information.
The piece describes how IT infrastructre in hotels is often out of date and some may be running an old PMS system called Opera which requires security controls to be deactivated on a machine to allow the software to work, making the hacker's job much easier. The piece is also a cautionary tale about using hotel WiFi, which is fertile ground for man in the middle attacks using WiFi pineapples. VPNs are your friend when it comes to public WiFi networks, as any viewer of Mr.Robot will tell you :-p
