- May 3, 2011
- 3,893
- Excerpt from the advisory sent by the U.S. Secret ServiceThe U.S. Secret Service has sent out an advisory to businesses in the hospitality industry to warn them that their computer systems for guests are targeted by cybercriminals who install keylogging software to steal personal information.
The letter was sent on July 10 and informs that suspects conducting this sort of activity in major hotel centers in the Dallas/Fort Worth areas have been arrested.
They would access the public computer systems in the business center of a hotel and download keylogging software from a Gmail address in order to install it.
The malicious software would surreptitiously record all activity on the affected computer, collecting personally identifiable details, log-in credentials for bank accounts or various other web services.
“The suspects were able to obtain large amounts of information including other guests’ personally identifiable information (PII), log in credentials to bank, retirement and personal webmail accounts, as well as other sensitive data flowing through the business center’s computers,” reads the advisory.
All the keystrokes of the guests using the compromised systems would be sent to the criminals’ email addresses. There is no information on the number of guests that have been affected by the nefarious activities of the crooks.
According to Brian Krebs, who got hold of the advisory letter, several recommendations are provided for increased security of the public computer systems offered by such businesses.
One of the measures is to limit the privileges of the account used by guests so that they are restricted from adding and removing new software on the machine. Although this is not a foolproof solution, it may discourage less technical cybercriminals from engaging in such activities.
“The attacks were not sophisticated, requiring little technical skill, and did not involve the exploit of vulnerabilities in browsers, operating systems or software. The malicious actors were able to utilize a low-cost, high impact strategy to access a physical system, stealing sensitive data from hotels and subsequently their guests’ information,” reads the advisory message.
As Krebs points out, having physical access to a machine is the easiest way to compromise it, given the multitude of tools that can be used to boot it into a different operating system which allows modifying the data on the original one.
Using a public computer for accessing services that hold private information poses a great risk many users are still not aware of.
And although there are solutions for ensuring privacy when working on such machines, not all businesses are capable of implementing them, either because of the logistics available or the lack of technical knowledge.
As such, it falls on the shoulders of the user to make sure that their private data remains safe from prying eyes.
Source
