Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Hotel ISP iBahn Denies Breach By Chinese Hackers

timothy posted more than 2 years ago | from the just-hired-new-typographers dept.

China 30

alphadogg writes "iBahn, a provider of internet services to some 3,000 hotels worldwide, denied on Thursday a news report that its network was breached by hackers. Bloomberg wrote that a highly skilled group of hackers based in China, which U.S. investigators have called 'Byzantine Foothold,' attacked iBahn, citing unnamed sources, including one U.S intelligence official. In a written statement, iBahn said it was aware of the allegations in the news report but it had 'not found proof of any breach on the iBahn network.'"

cancel ×

30 comments

Sorry! There are no comments related to the filter you selected.

Posting's Title is Misleading (4, Insightful)

SoothingMist (1517119) | more than 2 years ago | (#38383824)

'not found proof of any breach on the iBahn network' is not at all the same as saying that a breach did not take place.

Re:Posting's Title is Pretty much spot on (4, Insightful)

Qzukk (229616) | more than 2 years ago | (#38383990)

The post title is exactly what iBahn is claiming. The Iraqi information minister would be proud.

Re:Posting's Title is Pretty much spot on (3, Insightful)

moderatorrater (1095745) | more than 2 years ago | (#38384332)

No, it's not. iBahn is saying they have no proof that it happened and that they're investigating, which is all they can do. They're not denying a break in, they're giving the best information they can.

Re:Posting's Title is Pretty much spot on (1)

Jawnn (445279) | more than 2 years ago | (#38386392)

I see that you have "corporate double-speak" as a second language, my friend. Allow me to translate for you...
"no proof..." actually means "no proof that we can not escape admitting to" or the more concise "no 100% certain proof". Either is accurate because, in 48-72 hours, they will finally have to admit that yes, "It does appear that certain parties gained unauthorized access to certain portions of our network, though it remains unclear just what data may have been compromised." And of course that's the standard way of easing into "Yes, they stole the personal data and credit card details of about sixty-five million of our customers."

Re:Posting's Title is Pretty much spot on (0)

Galestar (1473827) | more than 2 years ago | (#38393092)

Or the Ministry of Truth back home in the good ol' U.SofA a.k.a the 6 media conglomerates.

Where do press stories come from Mommy? (1)

Slur (61510) | more than 2 years ago | (#38386006)

Wait, so if they haven't found any breach, but some "unnamed intelligence official" told the press that they have, and the press is reporting that they have... well, where did the story come from and how did it get so much traction if iBahn doesn't even know about it?

Wait, could this be just another piece of anti-Chinese, anti-communist propaganda being floated by the American press? Of course not! We don't have propaganda and psy-ops here in the USA!

Re:Where do press stories come from Mommy? (0)

Anonymous Coward | more than 2 years ago | (#38386850)

where did the story come from and how did it get so much traction if iBahn doesn't even know about it?

I tried to figure this out yesterday and got no where. The names of the two reporters was as far as I got. The whole story sounded very fishy, but I just figured it was a security company behind the scare mongering.

Re:Where do press stories come from Mommy? (0)

Anonymous Coward | more than 2 years ago | (#38389856)

This was part of the RSA-related breach from a while back...remember the imfamous 760 company hack?

Re:Where do press stories come from Mommy? (1)

rtb61 (674572) | more than 2 years ago | (#38395724)

A quick easy guess here. The Chinese whilst developing a skill a cracking other countries networks are still largely ineffectual at securing their own.

US intelligence services making use of some very professional hackers at NSA http://en.wikipedia.org/wiki/Nsa [wikipedia.org] , were able to hack into China's security services networks and basically find and monitor China's computer network cracking efforts.

There have been so many backdoors hacked into China's intelligence network services that they are likely better scrapping the whole network and starting again. Problem of course is, whilst the government of China has found greed to be such a useful tool in gaining access to overseas networks is equally vulnerable to the same tactic.

It's so funny when the most secure and expensive, tens of millions of dollars worth, computer network can be cracked, often permanently (hardware, wiring) by nothing more than say a $10,000 bribe.

Best security when it comes to the internet, air gap, if it absolutely doesn't need to be connected to the internet than don't bloody connect it. Any network security person that saves pennies to spend pounds needs to be fired and where ever possible go with parallel networks and hardware, internal and external. Internal desktops, hard wired, all data imported or exported done at a secured station audited and verified. External, cheap smart books for email/internet et al, meh, who cares, wireless and rebuild as necessary.

Re:Posting's Title is Misleading (0)

Anonymous Coward | more than 2 years ago | (#38445336)

You placement the guts section upon your throat and then change the software till ones biceps are around the item plus the many other conclude from it is scheduled within your cheap hair straightener [ghdhairsalon.com] . Effortless, proper? The check is fantastic for to start a date occasion. It is easy to put on the little black dress along with set highlight with it by way of putting together this kind of group headscarf on a shawl. You'll not primarily appearance for that reason smart as well as cheap hair straightener, you may look and feel toasty as well as comfy specially on top of a cold particular date.

No proof != no proof (2)

vikingpower (768921) | more than 2 years ago | (#38383856)

If iBahn finds no proof of a breach, the hackers were really good....

How fast are you allowed (0)

Compaqt (1758360) | more than 2 years ago | (#38383866)

to go on the "i"-Bahn?

One Fine Day .. (0)

ackthpt (218170) | more than 2 years ago | (#38383878)

1,500,000,000 chinese hackers walked into a hotel.

"It's not every day we see 1,500,000,000 chinese hackers walk into my inn," said the surprised innkeeper.

"And with these room rates you don't see many more!" stated the 1,500,000,000 chinese hackers.

Reminds me of the old (1)

Anonymous Coward | more than 2 years ago | (#38383964)

Juror: Senator. Is it true that you beat your wife?
Senator: What on earth? No!
THE DAILY HEADLINEGRABBER leads with
"Senator Denies Wife Beating"

Re:Reminds me of the old (3, Funny)

Anonymous Coward | more than 2 years ago | (#38384032)

The more typical example is (in internet form form):

Have you stopped beating your wife? (required)
o Yes
o No

I'm not sure they would be able to tell... (5, Funny)

jafo (11982) | more than 2 years ago | (#38384052)

I've had the pleasure of working with iBahn in the past at conferences. They don't have the sharpest techs I've dealt with. For example, I had a tcpdump of their DHCP server handing out a lease with the gateway in a different network*. Obviously, this didn't work... "Well, I can reboot all the APs for you..." Now, the APs weren't doing DHCP...

So, iBahn is saying they "haven't found any breach"? I'm not convinced that their lack of finding it is an indication that it hasn't happened. I wonder what equipment they've rebooted trying to find it. :-)

(* Details: the DHCP server handed out an address like 10.1.1.2 in a /24 network, and the gateway was 10.5.254.254. These are rough approximations, not the exact IPs, but give you an idea)

Re:I'm not sure they would be able to tell... (1)

Anonymous Coward | more than 2 years ago | (#38384370)

I work with iBahn regularly, and other hotel ISPs (generally called HSIA providers in the industry; short for High Speed Internet Access). Their Tier 1 and Tier 2 technicians are never that sharp. As always there are exceptions but their help desk agents. Not NOC specialists. Generally the senior engineers are pretty sharp at these places, once you work at them for a bit and make them really think about an issue instead of trying to pass the buck off to someone else.

Anyways, you don't seem to know as much about network setups as you think. Having multiple DHCP pools is par for the course at public venues. Generally speaking you don't want guest users on the same network as your core equipment. Hell, for the Nomadix AG3100 (one of the most common hospitality gateways in the US) generally has guests on a 172.x.x.x network and a separate 10.x.x.x network for networking equipment. I've seen 4 different vendors use that same kind of layout.

I generally butt heads with HISA providers but you were wrong on this point so felt I should defend them.

Re:I'm not sure they would be able to tell... (1)

Anonymous Coward | more than 2 years ago | (#38384664)

I can't find my login, so anonymous it is....

Please explain to all reading how exactly you can have your first router hop outside of your broadcast range.

Note: He said a /24 network, which in his example would have a subnet mask of 255.255.255.0 and the broadcast range would be 10.1.1.255. How is the guest machine supposed to get to the first router (10.5.254.254) if it is outside of the /24 subnet? If this was a larger network, /8 for example, that would be fine...stupid for a hotel, but fine.

Re:I'm not sure they would be able to tell... (2)

mikael_j (106439) | more than 2 years ago | (#38384686)

You do realize his point was that it handed out an unreachable gateway, right?

Re:I'm not sure they would be able to tell... (1)

jafo (11982) | more than 2 years ago | (#38387614)

The statement "you don't know as much about X as you think", as we see here, is generally a good indication that you are about to say something really stupid. :-)

The question is ... (2)

fsckmnky (2505008) | more than 2 years ago | (#38384216)

Is being "attacked" by {hacker group x} the same as being "breached" by {hacker group x} ?

I think one can be attacked, and not be breached, if the attack was repelled successfully by whatever security measures were in place.

Re:The question is ... (1)

Ihmhi (1206036) | more than 2 years ago | (#38392210)

It's like the square shape rule. A square is both a square and a rectangle, but a rectangle is not a square. Similarly, a breach implies a successful attack, whereas an attack alone was obviously repelled (as there was no breach). So, it's an attack and breach.

Re:The question is ... (1)

fsckmnky (2505008) | more than 2 years ago | (#38392274)

The government official said the company was "attacked."

The company spokesperson said the company was "not breached."

Perhaps the government official let some inside info slip.

There was some commenter controversy over whether the statements conflicted with each other.

At this point it's difficult to claim a statement conflict exists.

Then there's the problem of WiFi (1)

TheLink (130905) | more than 2 years ago | (#38384496)

Given the current state of WiFi it's hard for hotels,cafes, conferences to provide WiFi access to guests and not have them able to snoop on each other's traffic.

IIRC you can use WPA2 Enterprise (the rest are crackable), but that means the guests have to login. In theory you can give all the guests the same username and password (with WPA2 Enterprise I think they won't be able to decrypt each other's traffic even if they had the same username and password but this is not true if it was the WPA2 shared key crap).

But the problem then is the guests would have to know what username and password to use. So this is where you'd need help from Microsoft, Apple, etc to set up a standard for WPA2 Enterprise guest accounts, much like the defacto "ftp" accounts for anonymous access.

Of course there would still be the problem of MITM attacks - attackers could setup an AP that pretended to be the hotel's AP, so perhaps you'd need some certs/fingerprints or other way to verify the APs.

Re:Then there's the problem of WiFi (1)

jmauro (32523) | more than 2 years ago | (#38384732)

I'd rather just have it unencrypted as an access point, there is less trouble that way. If you're using a 3rd party for your network transit you can pretty much assume that it's insecure. If you're really worried run a VPN over it.

Re:Then there's the problem of WiFi (1)

TheLink (130905) | more than 2 years ago | (#38386030)

Not helpful from the perspective of a hotel trying to provide a better WiFi service to guests.

bloomberg got it wrong, or OP did (0)

Anonymous Coward | more than 2 years ago | (#38385646)

"Byzantine Foothold" is not a hacker group, it';s part of the US's Cyber Defense mess. Oh, wait..

It's not a breach... (0)

Anonymous Coward | more than 2 years ago | (#38385754)

It's not a breach if they stayed at one of the Inns...

Too Late! (0)

Anonymous Coward | more than 2 years ago | (#38393968)

So da ne. Laitozu ne.

Bai bai ... doumo ... yoroshiku ne.

LoL

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>