Researchers find millions of hotel door locks vulnerable to hacking
Door locks in use across hotels rooms worldwide are vulnerable to hackers after a flaw in key cards was identified.
Researchers from IT security firm F-Secure found that a design flaw in Assa Abloy manufactured locks, which include Vision by VingCard software, meant that a master key could be created to open any room.
The firm has shared its finding with Assa Abloy, which has implemented software fixes, though many hotels are yet to have installed the update.
Tomi Tuominen, practice leader at F-Secure Cyber Security Services, said: "You can imagine what a malicious person could do with the power to enter any hotel room, with a master key created basically out of thin air.
"We don't know of anyone else performing this particular attack in the wild right now."
The research was inspired by a colleague after their laptop was stolen from a hotel room with no signs of unauthorised access.
Tuominen added: "I would like to personally thank the Assa Abloy R&D team for their excellent co-operation in rectifying these issues.
"Because of their diligence and willingness to address the problems identified by our research, the hospitality world is now a safer place. We urge any establishment using this software to apply the update as soon as possible."
UKHospitality commented: "Thankfully, this sort of activity is rare, but accommodation providers do need to be aware of the risks that hacking and abuse of technology can pose.
"Those risks can usually be mitigated by regularly applying software updates and staying informed of new and better technologies and safeguarding practices. UKHospitality works closely with its members to advise how best to invest in security and we will be doing everything possible to help businesses that are affected or seek advice."
