Cyberattack brings down InterContinental Hotels' booking systems The IT systems of InterContinental Hotels Group, the massive hospitality organization that operates 17 hotel brands around the world, have been compromised, causing ongoing disruption to the corporation's online booking systems and other services. IHG, which is headquartered in Denham, England, and has offices in Atlanta, …
In this case it sounds like it may have been more than reservations systems being breached. When they say "IT systems" it could be anything from access control systems that open your hotel room door to the laundry operations. Hope they are transparent with exactly what happened here and to what extent.
As far as I know, IHG really doesn't operate hotels - it is about branding, marketing, reservations, etc. With the hotels being fairly independent. So I would not expect an "IHG" hack to have much impact on hotel operations - such as rooms, staff, etc. Even payments - my experience is that even if I have used a card to make a reservation, the hotel still requires that I give them a card for local payments.
I remember way back in early 2018 I may or may not have been staying at coughPullman London St Pancrascough.
Bored in the room I started to sniff the WIFI. Fuck me! Everything was wide open! I could see all other devices as no WIFI isolation was on. I could see, what I assumed was the PCs down in reception that people staying in the hotel could use. Worst still I found an old server available that had the controls to what, if I remember right, appeared to be a heating system.
I mentioned this to them on Twitter while I sat in my room, they'd have ignored it otherwise with just an e-mail. Granted, by the end of that day or the next it had been locked down more than it had been. Sadly, my limits were reached but if I knew more I probably could of gone further and found more holes.
I would of mentioned my room number in the hope I'd get the room free for helping. But I suspect I would of gotten kicked out instead.
My experience of hotels' free hot spots is they are ALWAYS wide open. AP isolation simply is never there ...
Can't really boot up my Mac without seeing everyone else's disk shared across the public net ...
I haven't bothered to even go full Kali Linux analysis onto one of them, but I suspect it wouldn't take long to reach out for the booking and paiement system and the rest ...
I have to admit that I can't fully understand what's going on.
Local government, if targeted by hackers, could create serious disruption. People's housing benefit not getting paid, tax not collected (and thus not forwarded to other bodies) civil services impacted... and yet the rate of councils being attacked seems minimal, apart from one or two high profile over the years. I would have thought they would be much more likely to be the target of state attacks.
And yet here we are, with international companies, with oodles more resources... getting hit. What are small local councils getting right, that international companies are getting wrong?
Where I used to work, around 400 employees only a fraction of which were in I.T., we had a few close calls but didn't get taken out like some of these other companies.
No. Having worked there its mainly because we're so strict. To be able to get on the main gov network as well you have to follow standards. Although doesn't stop everything. Like the time a help desk manager who was useless left a 3rd party account open. The support company were based in Indian and for whatever reason one of them connected in the night and deleted one of the big databases.
"Local government, if targeted by hackers, could create serious disruption. People's housing benefit not getting paid, tax not collected (and thus not forwarded to other bodies) civil services impacted... and yet the rate of councils being attacked seems minimal, apart from one or two high profile over the years. I would have thought they would be much more likely to be the target of state attacks."
I'm not even sure there could be disruption from a local council attack. Money flows are automated. So, apart from some average Joe not getting their situation changed, I wouldn't see any impact.
What would be the gain for the attackers ? Ransom money ? Nah, the gov. would forbid payment. Exposing stupidity ? No attack is needed for this.
End of the day, the only gain to the attacker would be average Joe getting annoyed. Who cares ?
End of the day, the only gain to the attacker would be average Joe getting annoyed. Who cares ?
As long as you live above sea level, that is.
en.wikipedia.org/wiki/Flood_control_in_the_Netherlands
Etc etc.
I'm not even sure there could be disruption from a local council attack. Money flows are automated.
They are automated by systems inside the local councils. Revenues and Benefits systems, RevBen for short. Take those out and little moves. There is a push to cloud, but being resisted because of the cost and with very few suppliers/systems to chose from for RevBen software, things are always being pushed.
State sponsored attacks aren't usually about the money. They're about crippling social ability to function, hitting morale, etc.
Hopefully the insurance/cyber insurance will not be paying for this. They had history. Apparently security was weak, as was the capability to move to backups. The amazing thing is other like entities are not spending big in fixing things - cheaper to wear downtime. And if you do look at cloud(other peoples infrastructure) you see they get hacked often enough.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
