A San Francisco-based cybersecurity expert claims he has hacked and taken control of hundreds of highly automated rooms at a five-star Shenzhen hotel, according to the South China Morning Post.
Jesus Molina was staying at the St Regis Shenzhen that provides guests with an iPad and digital butler app to control features of the room including the thermostat, lights and television.
Realising how vulnerable the system was, Molina wrote a piece of code spoofing the guest iPad so he could control the room from his laptop. After some investigation, and three room changes, he discovered that the network addresses of each room and the devices within them were sequential, allowing him to write a script to potentially control every one of the hotel’s more than 250 rooms.
“Hotels are particularly bad when it comes to security,” Molina said. “[They’re] using all this new technology, which I think is great, but the problem is that the security architecture and security problems are way different than for residential buildings”.
With residential automation, Molina explained, most systems will be closed and encrypted. However, in hotels and airports “or any other space where a lot of people access the network”, keeping the network secure is far more difficult.
Molina said the KNX automation system the hotel used was also insecure, which made the hack easier.
“I’m an ethical hacker, if you can say that,” Molina said, explaining why he didn’t immediately plunge the entire hotel into darkness or switch every television to the same channel. Instead, he stood in the corridor and triggered the do-not-disturb lights, “so I knew I was able to control the room and everything inside”.
Molina reported the problem to hotel management, which disabled the entire network while they sought a more secure automation solution. Molina said he hoped the hack, and the attention it had received, would lead to more hotels improving their security systems.
Molina will present his findings at the Black Hat Briefings cybersecurity conference in Las Vegas next month.
“The hotel industry needs to wake up when it comes to security,” he said of the risk posed to guests by open hotel wifi networks.
“People think that they go to these portals and put in their room number and last name and then you access the Internet,” but anyone connected to the wifi, even non-guests “can still see you, because we’re on the same network”.