You have just arrived at the hotel after a delayed flight and a half-hour wrangle with the car-hire firm — and then you remember that you have forgotten to pay last month’s credit card bill, and there will be an interest charge if you wait until you are back at base.
But —- hey —- you can do it online and help is at hand. The receptionist is welcoming and helpful. They have Wi-Fi and it is free.
Relieved, you ask for the password. “Oh, you don’t need one,” he replies. “Just type in your room number and click the box.”
Phew! Problem solved. Er, not necessarily.
At this point the human race divides into two groups. Call them sheep and goats.
Sheep are sweet, trusting folks who like to think well of their fellow humans. Surely that helpful receptionist would not knowingly offer a dangerous service.
Also, they find digital technology baffling and intimidating. And they cannot imagine why anything they do online might be of interest to anyone.
Goats, on the other hand, have nasty, suspicious minds. They believe that many of their fellow humans may be up to something. They believe that, in this networked world, only the paranoid survive.
So when they see an open, free Wi-Fi network they smell a rat. And they would never, ever send confidential information via such a channel.
Sadly, in this particular context, the goats are wiser than the sheep.
They know that hotel chains have become a coveted target of hackers.
Many of the industry’s biggest operators have reported data breaches in recent years, including big names such as Hilton, InterContinental, Marriott and Hyatt.
Most of these attacks, according to Bloomberg, are focused on the property management systems (PMS) used by hotel chains to take reservations, issue room keys and store credit card data.
The Bloomberg report, written by Patrick Clark, was based on the exploits of a team of “white hat” hackers, employed to test the security of a particular system.
After plugging the Internet cable from a bedroom’s smart TV into a laptop they got into the hotel’s PMS, which led to the chain owner’s corporate system.
In doing so they gained access to credit card information for several years’ worth of transactions in dozens of hotels — and if they had been crooks the team could have sold the information on the black market, where a Visa card with a high credit limit can fetch up to US$20.
Why are hotels such tempting targets? Partly because their systems are easy to penetrate, technically.
“Hospitality companies long saw technology as antithetical to the human touch that represented good service. The industry’s admirable habit of promoting from the bottom up means it’s not uncommon to find IT executives who started their careers toting luggage. Former bellboys might understand how a hotel works better than a software engineer, but that doesn’t mean they understand network architecture,” Clark wrote.
The vulnerability is also a reflection of an occupational culture. After all, the hotel business is about welcoming guests and trying to anticipate — and satisfy — their needs.
Nowadays, everybody expects to have free Wi-Fi, so why not give them that in the most hassle-free way imaginable? No messing with passwords and cumbersome log-in procedures; just type in the room number and click “OK.”
From a hacker’s perspective, therefore, the hospitality industry looks like a prime opportunity: easy pickings from hotels’ booking records, plus juicy items of personal information from sheep using insecure Wi-Fi networks.
And it is not just hackers who are attracted to these honeypots, by the way.
The director of any intelligence service that has not been inside the internal systems of Trump’s Washington hotel since his election, for example, ought to be summarily fired for incompetence.
In the meantime, what can traveling holidaymakers do to protect themselves? The short answer is to invest in — and install — virtual private network (VPN) software on any device that travels with you.
A VPN functions as an encrypted tunnel to a special server located somewhere on the Internet.
If you connect to the Observer through a VPN, for example, then the VPN server connects to the paper on your behalf, and because all the traffic is encrypted it is gobbledegook to any snooper, which means that you can safely use hotel (and cafe) Wi-Fi networks wherever you go.
The only downside is that such unlimited protection does not come free, alas, so expect to pay an annual fee. (There are some free services, but they have restrictions on data usage or the number of devices or services you can access.)
TechRadar provides a useful guide to the best VPNs.
Remember that only the paranoid survive. And enjoy the rest of your holiday.
Taiwan stands at the epicenter of a seismic shift that will determine the Indo-Pacific’s future security architecture. Whether deterrence prevails or collapses will reverberate far beyond the Taiwan Strait, fundamentally reshaping global power dynamics. The stakes could not be higher. Today, Taipei confronts an unprecedented convergence of threats from an increasingly muscular China that has intensified its multidimensional pressure campaign. Beijing’s strategy is comprehensive: military intimidation, diplomatic isolation, economic coercion, and sophisticated influence operations designed to fracture Taiwan’s democratic society from within. This challenge is magnified by Taiwan’s internal political divisions, which extend to fundamental questions about the island’s identity and future
Taiwan People’s Party (TPP) Chairman Huang Kuo-chang (黃國昌) is expected to be summoned by the Taipei City Police Department after a rally in Taipei on Saturday last week resulted in injuries to eight police officers. The Ministry of the Interior on Sunday said that police had collected evidence of obstruction of public officials and coercion by an estimated 1,000 “disorderly” demonstrators. The rally — led by Huang to mark one year since a raid by Taipei prosecutors on then-TPP chairman and former Taipei mayor Ko Wen-je (柯文哲) — might have contravened the Assembly and Parade Act (集會遊行法), as the organizers had
Minister of Foreign Affairs Lin Chia-lung (林佳龍) last week made a rare visit to the Philippines, which not only deepened bilateral economic ties, but also signaled a diplomatic breakthrough in the face of growing tensions with China. Lin’s trip marks the second-known visit by a Taiwanese foreign minister since Manila and Beijing established diplomatic ties in 1975; then-minister Chang Hsiao-yen (章孝嚴) took a “vacation” in the Philippines in 1997. As Taiwan is one of the Philippines’ top 10 economic partners, Lin visited Manila and other cities to promote the Taiwan-Philippines Economic Corridor, with an eye to connecting it with the Luzon
The Chinese Nationalist Party (KMT) has postponed its chairperson candidate registration for two weeks, and so far, nine people have announced their intention to run for chairperson, the most on record, with more expected to announce their campaign in the final days. On the evening of Aug. 23, shortly after seven KMT lawmakers survived recall votes, KMT Chairman Eric Chu (朱立倫) announced he would step down and urged Taichung Mayor Lu Shiow-yen (盧秀燕) to step in and lead the party back to power. Lu immediately ruled herself out the following day, leaving the subject in question. In the days that followed, several
RSS