Hotel Hack

You’ve jetted off on holiday and you are coming back to your hotel after a long day of shopping, relaxing on the beach or sightseeing. You are hot, tired, maybe even a little sunburned and all you want to do is have a cold shower and relax before dinner. You step out of the elevator and your room is only a few steps away. You take out your mobile keycard (the 21st century apparently finds a way to incorporate phones into absolutely everything, even accessing your hotel room), ready to be met by fresh white sheets. But the red light does not turn green. Instead, it lets out an obnoxious beeping sound and flashes red. Maybe it is the wrong room? No, 802 is definitely your room. So, you try again.

The flashing continues and the beeping permeates your eardrums. You have just noticed that there are a few other people on your floor having the same issue. After exchanging some confused glances, you decide to unite together to get to the bottom of the problem. You and your comrades go back down to the lobby, frustrated, and head straight to the front desk. The frazzled concierge explains to you that you no longer have access to your room…the hotel has found itself victim to a ransomware attack.

A hotel hack?

Not the holiday you were hoping for… A bad actor has managed to gain access to the hotel’s network through a spoofed peripheral and has hijacked the system that controls the keycards, with hotel management being unable to regain control until the ransom is paid. 

This type of attack is a very real threat to hotels that utilize the high-end IoT lock key. By using mobile devices as keycards, hotels are putting themselves at risk as each device acts as an entry point for a bad actor attempting to gain access to the network. IoT devices, although having many advantages, also come with an increased threat to cybersecurity. These smart devices are connected to the network and, should a malicious actor take control of one, a variety of attacks can take place.

Hardware attacks

Attackers are utilizing IoT devices when carrying out hardware attacks as they are easier to target. Hardware attacks require physical access, and this can be risky when there are numerous physical security measures in place. As such, IoT devices, which are used in less secure areas, are an ideal entry point. Targeting just one device can allow perpetrators to infiltrate the network and carry out attacks such as the ransomware attack described above and, in this case, hack a hotel. Although paying the ransom is advised against, some organizations have no option as they do not have the means or capabilities to do anything else. As such, there is a large financial burden imposed on the victim, as well as a loss of productivity and reputational damage.

The best way to avoid these consequences is to prevent the hotel hack from happening in the first place. Since this was carried out using a Rogue Device, the ideal solution is to implement a Rogue Device Mitigation solution. By detecting and blocking Rogue Devices, an RDM solution would not have allowed the perpetrators to be successful. By closing the entry points, the hotel can keep its doors open…literally.

The Sepio platform uses a novel algorithm that combines a physical layer fingerprinting module with a Machine Learning module, providing the sought-after level of visibility and enforcement. It is further augmented by a threat intelligence database, ensuring a lower-risk hardware infrastructure.

Hardware Assets Control solution for IoT security

Sepio Hardware Access Control HAC-1 provides 100% hardware device visibility.

HAC-1 enables Hardware Access Control by setting rules based on the devices’ characteristics.

HAC-1 instantly detects any devices which breach the set rules and automatically blocks them to prevent malicious attacks, and in this case a Hotel Hack.

The idea is to Verify and then Trust that those assets are what they say they are.

With greater visibility, the zero-trust architecture can grant access decisions with complete information, thus enhancing the enterprise’s protection within, and outside of, its traditional perimeters.

The Hardware Access Control capabilities of HAC-1 block Rogue Devices as soon as they are detected.

Our HAC-1 solution stops an attack at the first instance, not even allowing such devices to make network access requests.

Sepio Hardware Access Control HAC-1 provides 100% hardware device visibility. No device goes unmanaged. Rogue Devices are blocked as soon as they are detected. The HAC-1 solution stops an attack at the first instance, not even allowing such devices to make network access requests.

Physical Layer Fingerprinting

Sepio is the only company in the world to undertake Physical Layer fingerprinting. HAC-1 detects and handles all peripherals; no device goes unmanaged.

With this total visibility, a stronger cyber security posture is achieved. There is no longer a need to rely on manual reporting or employee compliance. Sepio manages security and provides answers to questions such as:

  • Do we have an implant or spoofed device in our network?
  • How many IoT devices do we have?
  • Who are the top 5 vendors for devices found in our network?
  • Where are the most vulnerable switches in our network?

Having visibility across all hardware assets provides a more comprehensive cyber security defense.

Reduce the risk of a hardware attack being successful and our private health data being stolen.

Founded in 2016 by cybersecurity industry veterans from the Israeli Intelligence community, Sepio’s HAC-1 is the first hardware access control platform that provides visibility, control, and mitigation to zero trust, insider threat, BYOD, IT, OT and IoT security programs.

Sepio’s Technology

Sepio’s hardware fingerprinting technology discovers all managed, unmanaged and hidden devices that are otherwise invisible to all other security tools.

Sepio is a strategic partner of Munich Re, the world’s largest re-insurance company, and Merlin Cyber, a leading cybersecurity federal solution provider.

Heavy spending on cybersecurity should bring a high return on investment, yet gaps in visibility limit this. Sepio Hardware Access Control (HAC-1) solution provides a panacea to gaps in device visibility to ensure you are getting the most out of your cybersecurity investments.

HAC-1 integrates with existing solutions, such as NAC, EPS, SIEM and SOAR, to enhance the organization’s cybersecurity posture. HAC-1’s deep visibility capabilities mean no device goes unmanaged; the solution identifies, detects, and handles all IT/OT/IoT devices.

Moreover, HAC-1’s policy enforcement mechanism and Rogue Device Mitigation capabilities instantly block any unapproved or rogue hardware and, in this case, stop a Hotel Hack. In doing so, HAC-1 ultimately enables a Zero Trust Hardware Access approach which stops attackers at the first line of defense.

Sepio supporting compliance

Sepio Hardware Access Control (HAC-1) solution provides entities with the Physical Layer coverage they need to obtain complete device visibility. And, in doing so, also provides protection against hardware-based attacks.

As the leader in Rogue Device Mitigation (RDM), Sepio’s solution identifies, detects and handles all peripherals; no device goes unmanaged.

HAC-1 uses Physical Layer fingerprinting technology and Machine Learning to calculate a digital fingerprint from the electrical characteristics of all devices and compares them against known fingerprints.

In doing so, HAC-1 is able to provide organizations with ultimate device visibility and detect vulnerable devices and switches within the infrastructure.

In addition to the deep visibility layer, a comprehensive policy enforcement mechanism recommends best-practice policies and allows the administrator to define a strict, or more granular, set of rules for the system to enforce. When a device breaches the pre-set policy, HAC-1 automatically instigates a mitigation process that instantly blocks unapproved or Rogue hardware.

Furthermore, HAC-1’s RDM capabilities support compliance with Section 8 of the EO, which concerns the government’s investigative and remediation capabilities. Section 8 focuses on enhancing data collection efforts in order to improve the investigation and remediation processes following an incident. HAC-1 logs all hardware asset information and usage and maintains such data for a period defined by the system administrator.