When business travelers are on the go and need to print, a trip to the business center at a hotel, airport or convention center can be a lifesaver. This week, however, security blogger Brian Krebs published a memo from the U.S. Secret Service warning that criminals have been compromising hotel business center PCs with keystroke-logging malware, in a bid to steal personal and financial data from guests.
The warning is based on a Texas task force that recently arrested suspects in the Dallas/Fort Worth area who are believed to have compromised computers in several major hotel business centers in the area.
“In some cases, the suspects used stolen credit cards to register as guests of the hotels; the actors would then access publicly available computers in the hotel business center, log into their Gmail accounts and execute malicious key logging software,” the advisory reads.
“The keylogger malware captured the keys struck by other hotel guests that used the business center computers, subsequently sending the information via email to the malicious actors’ email accounts,” the warning continues. “The suspects were able to obtain large amounts of information including other guests personally identifiable information (PII), log in credentials to bank, retirement and personal webmail accounts, as well as other sensitive data flowing through the business center’s computers[JH1] .”
Does this mean that users who print in business centers risk compromising the security of the documents printed? “Of course it does”, says Prat Agarwal,
“The truth is that the keyloggers and other malware that criminals use to steal personal data is constantly changing, and just about the only way to prevent this kind of malware from being installed from a regular user account is to block users from inserting a USB drive, mobile device, or CD into the business center’s computers and printers,” Agarwal said. “A business center that did that wouldn’t have many customers, would it?”
Advice for Business Center Users
Since it’s hard for a business traveler to tell whether a public business center is completely locked down and secure or wide open and overrun with malware, how can people protect themselves when they’re on the go? Agarwal says that it’s a good idea not to use a public computer for anything more than browsing the Web.
“Don’t buy airline tickets or use your credit cards, don’t take care of banking or bill paying, and don’t allow the system to access any device that has sensitive company data on it,” he says.
As far as printing, there’s an easy solution: the Breezy app for Android or iOS devices offers thousands of partner locations, so you never need to risk downloading a document at a potentially compromised workstation. Print jobs are encrypted on your device, and sent securely to the Breezy partner location you select. “Breezy has thousands of secure public printing locations in the U.S.,” Agarwal says. “All you have to do is use the Breezy app’s intuitive map-based interface to select the closest secure location.”
Of course, some companies may not want to allow printing outside the office at all. Breezy can accommodate those as well: “Our web-based administrative dashboard allows administrators to block public printing altogether, for environments where security is especially important,” Agarwal says. “Over 90% of our users’ printing is done via on-premise printers, and for some companies, their own printers are enough.”
Business center and hospitality companies concerned about the newest security warning for business centers can download Breezy’s white paper for the hospitality industry. For more information about secure mobile printing and how mobile device users and IT departments can protect sensitive data, watch this video from Breezy, or download The Definitive Guide to Mobile Printing, a free ebook from Breezy.
Photo credit: This photo of the business center at the Hotel Grand Velas in Riviera Maya near Quintana Roo, Mexico, was offered on Flickr under a Creative Commons License. The use of this photo in this blog post is not intended to imply that there are any security issues or concerns associated with this particular hotel or its business center.