Are You Paying Enough Attention to Data Security When You’re in a Hotel?

I’m nowhere near the road warrior I used to be, but I managed to accumulate over one million miles on a single airline (thanks, Delta!), and who knows how many random miles on others, and with that comes a lot of nights spent in hotels. Hundreds I suppose.

In all those hotels stays, I probably never gave more than a passing thought to my data security. But having grown up in a very crime ridden city, I’ve always been hyper-aware of physical theft, and I always do the little things they tell you to help deter people entering your room when you’re not there: put the “do not disturb” sign on the door, leave a light on, maybe turn on the TV or radio. The strategy is always the same: you can’t really stop the thief, you just want to increase the perceived risk enough that he goes to someone else’s room instead.

But data security? Not so much.

When I started my business travel, we were still using dial-up modems, which for all their faults were at least pretty secure! You had a direct line back to your corporate network, and that was that. But now it’s the wild west out there.

This fascinating and too-short article takes a look at all the opportunities for hackers at hotels, which are high on the list of hacker targets:

Hotels might be a less obvious target, but they’re hacked almost as often because of the valuable data that passes through them, like credit cards and trade secrets.

And if necessity is the mother of invention, criminality is a close second. Some of the clever things hackers have done to break into hotel systems:

  • Targeting electronic door locks to enter rooms.
  • Plugging a laptop into the Ethernet cable connected to the smart TV.
  • Breaking into the internet-connected fish tank in a Las Vegas casino lobby! And from there finding a database of high rollers.
  • Finding and plugging into the Ethernet port on the ceiling in the hotel closet.

The internet of things adds much to the problem, it seems. I wonder if anyone’s tried to hack the pressure-sensitive minibars in Las Vegas that charge you the moment you pick up an overpriced Toblerone?

Breaking into hotel systems is about more than stealing credit card numbers. There’s an interesting spy-vs-spy aspect of it as well:

“From an intelligence standpoint, there are some real advantages to understanding where high-profile people are going to be ahead of time,” says Gates Marshall, director of cyber services at CompliancePoint Inc., whose consulting clients include airports. “There’s a market for travel itineraries. It’s not a commercial market, it’s more of a geopolitical one.”

A market for travel itineraries? Never thought of that before.

But there’s not much you can do about protecting a hotel’s systems. What about your own data security?

Mark Orlando, chief technology officer for cybersecurity at Raytheon IIS, advises corporate clients to avoid using personal devices altogether while on the road. That could mean requesting a loaner laptop or buying a burner phone.

I suppose if you’re a high-profile traveler or corporate/government VIP, that makes sense. But imagine the hassle of being a frequent traveler and having to use a burner phone every time! Good advice, technically, but I can’t imagine it’s widely used except among the hyper-security conscious.

Another common hacker trick is setting up a fake wireless network in the hotel. When was the last time you asked at check-in what the name of the hotel network is? I don’t. Half the time it seems you can’t even tell easily. It’s not obviously named. Which makes it ever easier for a hacker to setup a network that is obviously named. Indeed, in the linked article a team of white-hat hackers testing for security holes set up a wi-fi network in a hotel, named it after the hotel, and in a few minutes had six devices joined up. Sheesh.

But you can see how it happens. Traveling you can be tired and less attentive, to say nothing of coming in after a night of dinner and drinks. Then you pop open the wireless app, see “Hotel-Name Wifi” and just click on it. Ooops, you just got hacked.

It’s not a bad idea for corporations to issue mobile hotspot routers to their frequent flyers. It puts you on a private network and makes it much less susceptible to hacking. Well, at least if your password isn’t “MyJetpack” or something stupid like that.

In any event, this is all very sobering and shows yet again how careful you need to be in our interconnected age.

Read More
07/22/2019 0 Comments

Yeah, You Probably Should Do Something to Protect Your Organization from Ransomware

Another day, another ransomware attack. It was recently reported that the city council in Riviera Beach, Florida, “voted to pay nearly $600,000 to hackers who crippled the city’s computer systems with a ransomware attack.” This sets a new record for publicly revealed payments by a government organization. And it does seem that government organizations get hit a lot, or maybe it’s just that they’re required by law to reveal it.

Baltimore city government was hit with an attack that shut down most of their servers. And before that, Atlanta got hit and constituents couldn’t access applications for bill paying, court records and some other things.

There’s an old saying that an ounce of prevention is worth a pound of cure; well, a few dollars of prevention could have prevented many dollars of a painful cure for these organizations. And it’s probably not worth relying on the old standby of “it won’t happen to me.”

Ransomware is a tricky beast. It doesn’t sneak in through the back door like hacker attacks that try to break into your IT systems. Ransomware walks right through the front door, hitching a ride with somebody who already has a key to the door: that is, your users. Typically, an attack happens because someone clicked on a link in an email or visited an infected website. Once on the user’s computer, the malware has direct access to your network.

How to stop it? User education initiatives are important, as is keeping systems patched to avoid exploits. And of course, back up your data! You can find more helpful information here, along with some scary statistics.

One of the main areas that are exposed to ransomware are your file shares. Finding a network file share is like hitting the jackpot for the malware, which starts to encrypt one file after another.

If your file shares (CIFS/NFS) happen to be on NetApp filers, we have a great solution for you. It’s called CryptoSpike and it comes from our technology partner ProLion. What makes CryptoSpike a good tool for fighting ransomware? Here’s a few things:

  • It uses multiple technology approaches to detect and stop malware, including a Learner Module that detects unusual user behavior. This allows you to detect Day Zero attacks.
  • CryptoSpike stops the spread of the attack by cutting off the infected user’s access to the file shares. Some files may get encrypted, but the attack is stopped before it spreads too widely.
  • Because it works with NetApp snapshots, CryptoSpike lets you easily revert back to an earlier snapshot, and at the file level. That’s critical because you don’t want to have to revert an entire volume with thousands or millions of files if only a few were infected. CryptoSpike helps you pin-point the infection and roll it back.

There’s lots more you can do with CryptoSpike. Want a quick look? You can watch our demo video. If you like what you see, why not request a trial copy? You can test it out for yourself. And it’s priced per NetApp controller, so no worries about number of users or files or disk capacity.

And whether you consider CryptoSpike or something else, please do consider something. You really don’t want to be figuring out how to send bitcoins to some hackers. That’s sure to ruin your day.

Read More
07/08/2019 0 Comments

Let us show you around

Data ProtectionData ManagementOpen VM BackupNetApp Ransomware ShieldNetApp File Catalog