Forgot your password?
typodupeerror
China Security IT

Hotel ISP iBahn Denies Breach By Chinese Hackers 30

Posted by timothy
from the just-hired-new-typographers dept.
alphadogg writes "iBahn, a provider of internet services to some 3,000 hotels worldwide, denied on Thursday a news report that its network was breached by hackers. Bloomberg wrote that a highly skilled group of hackers based in China, which U.S. investigators have called 'Byzantine Foothold,' attacked iBahn, citing unnamed sources, including one U.S intelligence official. In a written statement, iBahn said it was aware of the allegations in the news report but it had 'not found proof of any breach on the iBahn network.'"
This discussion has been archived. No new comments can be posted.

Hotel ISP iBahn Denies Breach By Chinese Hackers

Comments Filter:
  • by SoothingMist (1517119) on Thursday December 15, 2011 @11:56AM (#38383824)
    'not found proof of any breach on the iBahn network' is not at all the same as saying that a breach did not take place.
    • by Qzukk (229616) on Thursday December 15, 2011 @12:09PM (#38383990) Journal

      The post title is exactly what iBahn is claiming. The Iraqi information minister would be proud.

      • by moderatorrater (1095745) on Thursday December 15, 2011 @12:36PM (#38384332)
        No, it's not. iBahn is saying they have no proof that it happened and that they're investigating, which is all they can do. They're not denying a break in, they're giving the best information they can.
        • by Jawnn (445279)
          I see that you have "corporate double-speak" as a second language, my friend. Allow me to translate for you...
          "no proof..." actually means "no proof that we can not escape admitting to" or the more concise "no 100% certain proof". Either is accurate because, in 48-72 hours, they will finally have to admit that yes, "It does appear that certain parties gained unauthorized access to certain portions of our network, though it remains unclear just what data may have been compromised." And of course that's the
      • by Galestar (1473827)
        Or the Ministry of Truth back home in the good ol' U.SofA a.k.a the 6 media conglomerates.
    • Wait, so if they haven't found any breach, but some "unnamed intelligence official" told the press that they have, and the press is reporting that they have... well, where did the story come from and how did it get so much traction if iBahn doesn't even know about it?

      Wait, could this be just another piece of anti-Chinese, anti-communist propaganda being floated by the American press? Of course not! We don't have propaganda and psy-ops here in the USA!

      • by rtb61 (674572)

        A quick easy guess here. The Chinese whilst developing a skill a cracking other countries networks are still largely ineffectual at securing their own.

        US intelligence services making use of some very professional hackers at NSA http://en.wikipedia.org/wiki/Nsa [wikipedia.org], were able to hack into China's security services networks and basically find and monitor China's computer network cracking efforts.

        There have been so many backdoors hacked into China's intelligence network services that they are likely better sc

  • If iBahn finds no proof of a breach, the hackers were really good....
  • to go on the "i"-Bahn?

  • 1,500,000,000 chinese hackers walked into a hotel.

    "It's not every day we see 1,500,000,000 chinese hackers walk into my inn," said the surprised innkeeper.

    "And with these room rates you don't see many more!" stated the 1,500,000,000 chinese hackers.

  • by Anonymous Coward

    Juror: Senator. Is it true that you beat your wife?
    Senator: What on earth? No!
    THE DAILY HEADLINEGRABBER leads with
    "Senator Denies Wife Beating"

    • Re: (Score:3, Funny)

      by Anonymous Coward
      The more typical example is (in internet form form):

      Have you stopped beating your wife? (required)
      o Yes
      o No
  • by jafo (11982) on Thursday December 15, 2011 @12:15PM (#38384052) Homepage

    I've had the pleasure of working with iBahn in the past at conferences. They don't have the sharpest techs I've dealt with. For example, I had a tcpdump of their DHCP server handing out a lease with the gateway in a different network*. Obviously, this didn't work... "Well, I can reboot all the APs for you..." Now, the APs weren't doing DHCP...

    So, iBahn is saying they "haven't found any breach"? I'm not convinced that their lack of finding it is an indication that it hasn't happened. I wonder what equipment they've rebooted trying to find it. :-)

    (* Details: the DHCP server handed out an address like 10.1.1.2 in a /24 network, and the gateway was 10.5.254.254. These are rough approximations, not the exact IPs, but give you an idea)

    • by Anonymous Coward

      I work with iBahn regularly, and other hotel ISPs (generally called HSIA providers in the industry; short for High Speed Internet Access). Their Tier 1 and Tier 2 technicians are never that sharp. As always there are exceptions but their help desk agents. Not NOC specialists. Generally the senior engineers are pretty sharp at these places, once you work at them for a bit and make them really think about an issue instead of trying to pass the buck off to someone else.

      Anyways, you don't seem to know as mu

      • by Anonymous Coward

        I can't find my login, so anonymous it is....

        Please explain to all reading how exactly you can have your first router hop outside of your broadcast range.

        Note: He said a /24 network, which in his example would have a subnet mask of 255.255.255.0 and the broadcast range would be 10.1.1.255. How is the guest machine supposed to get to the first router (10.5.254.254) if it is outside of the /24 subnet? If this was a larger network, /8 for example, that would be fine...stupid for a hotel, but fine.

      • by mikael_j (106439)

        You do realize his point was that it handed out an unreachable gateway, right?

        • by jafo (11982)

          The statement "you don't know as much about X as you think", as we see here, is generally a good indication that you are about to say something really stupid. :-)

  • by fsckmnky (2505008) on Thursday December 15, 2011 @12:28PM (#38384216)
    Is being "attacked" by {hacker group x} the same as being "breached" by {hacker group x} ?

    I think one can be attacked, and not be breached, if the attack was repelled successfully by whatever security measures were in place.
    • by Ihmhi (1206036)

      It's like the square shape rule. A square is both a square and a rectangle, but a rectangle is not a square. Similarly, a breach implies a successful attack, whereas an attack alone was obviously repelled (as there was no breach). So, it's an attack and breach.

      • by fsckmnky (2505008)
        The government official said the company was "attacked."

        The company spokesperson said the company was "not breached."

        Perhaps the government official let some inside info slip.

        There was some commenter controversy over whether the statements conflicted with each other.

        At this point it's difficult to claim a statement conflict exists.
  • Given the current state of WiFi it's hard for hotels,cafes, conferences to provide WiFi access to guests and not have them able to snoop on each other's traffic.

    IIRC you can use WPA2 Enterprise (the rest are crackable), but that means the guests have to login. In theory you can give all the guests the same username and password (with WPA2 Enterprise I think they won't be able to decrypt each other's traffic even if they had the same username and password but this is not true if it was the WPA2 shared key cr
    • by jmauro (32523)

      I'd rather just have it unencrypted as an access point, there is less trouble that way. If you're using a 3rd party for your network transit you can pretty much assume that it's insecure. If you're really worried run a VPN over it.

      • by TheLink (130905)
        Not helpful from the perspective of a hotel trying to provide a better WiFi service to guests.

APL hackers do it in the quad.

Working...