Who would have thought that over 14 years ago hackers had the technology to use old and invalid hotel key cards to break into rooms at hotels? Tomi Tuominen and Timo Hirvonen — who are security consultants for Finnish data security company F-Secure — have cracked the 14-year old mystery. Like previously stated, their discoveries have led them to believe that hackers can use any type of hotel card (expired,invalid,active) to create a master key and enter any room. This makes it easy for thief’s to quickly enter hotel rooms and steal belongings without leaving a trace. Luckily, these researchers have worked with Assa Abloy (the world’s largest lock manufacturer) to fix the software.
While the update was issued to lodging locations that use this system and software in February, it has been estimated that there are still hundreds of thousands that are still using old software. Albeit, the researchers have assured people that the risk for any type of software breach is very low because they will not be publishing their findings or methodology. All that could be said about what was causing this hole in the security was a minor technical design flaw.
From this article I have two takeaways. One being that hackers are ruthless and are constantly doing whatever they can to find a flaw in any type of software. Hotel key card software would have been the last places I would have expected – this is probably why I am not a hacker. Secondly, it just reinforces my point from previous blogs that we need to do more as a nation and society to invest in cyber defense mechanisms. We are all prone to hackers and need to do everything in our power to make sure we have the proper anti-spyware software installed to our devices.
Article Used: https://www.reuters.com/article/us-cyber-keys/hotel-key-cards-even-invalid-ones-help-hackers-break-into-rooms-idUSKBN1HW1QB