The new hacker invention to break into hotels, guest houses and bed and breakfast establishments may look like a harmless dry board marker, but in truth it’s the ultimate lock picker.
In a post titled ‘James Bonds Dry Erase Marker,’ hotel hacker Matthew Jakubowski demonstrates how anyone can build a device which is pocket sized and will open an estimated 4 million hotel room doors. “we wanted to show that this sort of attack can happen with a very small concealable device”, says Matthew Jakubowski, a security researcher with Trustwave.
The device exploits a weakness in Onity locks, which is used in approx 22,000 hotels worldwide. The lock has a small porthole at the bottom, which is there for hotels to set master keys. Hacker, Cody Brocious, discovered that you could read the lock’s memory through this port, including a decryption key.
At the Black Hat Conference, which took place in Las Vegas in July, Borcious demonstrated this. Onity then responded with a way to patch the weakness in August, but the fix required hotels to make additional hardware repairs to millions of locks and pay for more secure versions of their locks. This has become very costly for many hotels across the world. Now Jakubowski’s refined device can pop most locks in a fraction of seconds and if a guest were to be searched, it would be unlikely many people would see a dry board marker as a threat.
With the costly expense of replacing locks and/or fixing locks are you covered for this risk of theft from your establishment? Have you checked your hotel insurance or bed and breakfast insurance that you are covered? Buildings & Contents Insurance will protect your building against an unforeseen event and contents will protect you for the valuables.
Getting the right B&B insurance or hotel insurance in place for your business does not have to be as costly as you may think. The Business Octopus fully understands that each bed & breakfast or hotel establishment will be different, and our insurance packages are tailored to your businesses specific needs.