Feeds

Hotel blames burglaries on hacked Onity card locks

Black Hat demo exploited in the wild

Website security in corporate America

Updated A Texas hotel is claiming to have suffered multiple burglaries stemming from flaws in a common type of electronic lock, exploits for which were demonstrated at this year's Black Hat hacking conference.

In July, security researcher Cody Brocious showed how a device cobbled together from $50 worth of parts could be used to break into locks manufactured by Onity, which supplies some of the largest hotel chains in the world. The device plugs into the data port on the locks and opens them by defeating poor crypto in the locking system.

Now the Hyatt hotel in Houston's Galleria complex has told Forbes that its guests suffered a string of break-ins in September, and that it had identified the hacking of its Onity locks as the method used. 27-year-old Matthew Allen Cook has been arrested for the break-ins and is helping the police with their inquiries.

"We will vigorously defend these charges, and all the facts will be available after the trial," Cook's lawyer said.

The hotel owners say they became aware of the issue with Onity locks in August and were working with the company on a fix when the thefts took place. At the time of the Black Hat presentation, Onity called the hack "unreliable, and complex to implement," but it appears not too complex for others to imitate.

So far Onity has offered two workarounds – covering up the data port with screws that are difficult to remove, or replacing the entire circuit board of the lock, which the manufacturer wants hotels to pay for themselves.

The hotel said it had been taking steps to mitigate the flaw but the robberies occurred before this had been done. It was eventually reduced to posting a physical guard in reception to try and deter thefts, in addition to gumming up the data port of the locks with epoxy glue.

Insurance firm Petra Risk Solutions issued an alert to its customers on the Onity locks last month, but said that around a fifth of its customers have yet to deal with the issue. Todd Seiders, director of risk management at Petra, said the company was already aware of other cases of theft using the hack.

"We're expecting incidents in which these devices are used to explode nationally," he said. "As crooks find success with it, they’re going to go back to the Internet and say 'hey, it works. I was able to break into ten rooms.' And then others build it and try it. We're going to get hit hard over the next year." ®

Update

"Onity places the highest priority on the safety and security provided by its products. Immediately following the hacker’s public presentation of illegal methods of breaking into hotel rooms, Onity engineers quickly developed both mechanical and technical solutions to address the issue," the company said in an emailed statement.

"These solutions have been tested and validated by two independent security firms, and are available to customers worldwide. All requests for these solutions have already been fulfilled, or are in the process of being fulfilled."

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Blood-crazed Microsoft axes Trustworthy Computing Group
Security be not a dirty word, me Satya. But crevice, bigod...
Snowden, Dotcom, throw bombs into NZ election campaign
Claim of tapped undersea cable refuted by Kiwi PM as Kim claims extradition plot
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.