Security firm Cyland found a significant weakness in the InnGate WiFi router use in many hotels, which allows hackers to compromise devices which are connected to them, writes Lord Marin for Yibada. The company refused to name the hotels which are affected by the WiFi vulnerability, in case hackers exploit the weakness before the routers can be updated.
ANTLabs-made WiFi devices: Widespread problem in hotels
The ANTLabs-made WiFi devices were found to be vulnerable in 29 different countries around the world, according to the SPEAR (Sophisticated Penetration Exploitation and Research) research team. Out of the 277 devices found to be vulnerable, over 100 of them are in the U.S., while there are 35 vulnerable locations in Singapore, 16 in the UK and 11 in the UAE.
The team claim that hotels of all star ratings use the routers, and hotel guests are not the only ones that could be affected by the WiFi weakness. Justine Clarke from SPEAR said that the vulnerability of the router could allow hackers to access restricted hotel networks, and the confidential information, such as financial details, found on them.
Endless possibilities for hackers
Not only is guests’ cyber security at risk, but their physical security could also be compromised. Hackers who access a hotel WiFi network could take control of the mainframe to open doors and enter guests’ private rooms. One high-profile example of this problem is the assassination of a Hamas official at a hotel in Dubai in 2011. An investigation into his death led authorities to believe that his killers reprogrammed the electronic lock on his door in order to gain access to the room.
“Given the level of access that this vulnerability offers to attackers, there is seemingly no limit to what they could do,” said the SPEAR team.
The good news for travelers is that there already exists a patch for the WiFi vulnerability, although there is no way of guaranteeing that hotel staff will install it straight away. It might be best to refrain from using unprotected WiFi networks for the time being.