Skip to main content
0 Results Found
              Back To Results

                When Good Guys Go Bad: In the Hotel Suite

                Tales from the frontlines of the Secureworks® Adversary Group

                If you think about a hotel room today, it has lots of connectivity – from smart TVs, to mini-bar sensors, to guest Wifis. What opportunities does that present to a motivated attacker?

                In this video, Nate Drier, Secureworks Technical Lead for Penetration Testing, describes an engagement in which he was able to access a hotel’s internal network from one of their hotel suites. By challenging their assumptions about strong network security and leveraging the expertise of penetration testers using an adversarial, hands-on approach, this proactive client was able to improve their defenses.

                Listen to the full webcast to learn more about the most common attack vectors and how to defend against them.


                So we have a hotel client and they were interested in determining if an attacker checked into one of their guest rooms, what they could do. They spent a lot of time and money like every company, protecting their internal, sensitive systems, things that store sensitive data, process credit cards, things like that and they were really interested if they had a hacker check in to one of their guest rooms, does that give them any more access than anybody else, right? Could they leverage something in a guest room to attack their internal network? And you think about a hotel room, it's got lots of connectivity. It's got a Smart TV that hooks to the internet, it's got a minibar. They need to know when you took your snack out of the minibar, it'll automatically charge you. AV hubs, there's guest WiFi, there's lots of connectivity within your room so I think specifically we were looking at the TV, had a ethernet jack plugged into it to give it its internet access to be able to stream content and media to the TV.

                We unplugged that ethernet jack, plugged it into our laptop, scanned that network and we found something that looked kinda fishy. It was a system that didn't look like it belonged on a guest TV network, right? So, we started poking at that, analyzing that. Of course we found a vulnerability in it, hadn't been patched in a while, we were able to compromise that system. Once we were on it, we discovered there was another network interface. There was one for our half of the guest network and another network interface for what turned out to be their corporate network where they have all the guest registration systems, the check-in desk, point of sale systems for when they're swiping and running credit cards. So of course, we were able to use that as a pivot point, compromise that system, jump into the next network and compromise pretty much everything there. Make off with the guest details, steal credit card numbers at the end of the day. So the client was happy. I mean, at first, I think they were kinda sad that we found something, right? They put a lot of time and effort into architecting this network, they thought they did things right but that's kind of our job is to show up and challenge that assumption. Like, I assume a network's strong and secure, that's why you hire guys like my team 'cause we show up and we challenge that and try to find things that you can fix to make it better.

                We generate around 2 billion events each month. With Secureworks, we are able to crunch down that number to 20-30 high fidelity alerts — and that makes my team's job much easier.
                Sunil Saale, Head of Cyber and Information Security, Minter Ellison
                With Secureworks Taegis ManagedXDR, I have the peace of mind that my environment is being monitored 24x7 and if a threat actor tries to attack Secureworks will alert me, quickly investigate, and collaborate to fully resolve before damage can be done.
                Jerry Ryan, VP of IT, We Florida Financial

                Why Secureworks?

                Secureworks (NASDAQ: SCWX) is a global cybersecurity leader that protects customer progress with Secureworks® Taegis™, a cloud-native security analytics platform built on 20+ years of real-world threat intelligence and research, improving customers’ ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions.

                Close Modal
                Close Modal