A hotel giant protected itself with the password ‘qwerty1234’
A couple from Vietnam presented evidence that they were responsible
The company has not acknowledged its very serious cybersecurity failure
The corporate network of IHG, the world’s largest hotel company and owner of Holiday Inn, among other brands, was protected by the password ‘qwerty1234’. That should be the whole story, and we could end it here for everyone to reflect on, but if you have read this far it is because you want to know how this was possible and whether what we are telling you is real.
On September 6, InterContinental Hotels Group (IHG) published an alert stating that its servers had been the victim of “unauthorized activity”, or in common terms, ‘hacked’. Unfortunately, there is nothing new in that: cyberattacks are our daily bread, and listed corporations are obliged to report them.
The heart of the matter would be revealed a little later, and not thanks to corporate information but to the hackers themselves. As we can read on the BBC, “a couple from Vietnam”, as they called themselves, contacted the outlet through Telegram, claiming that the attack was their responsibility and presenting evidence (screenshots) that confirmed it.
Nobody wants to know anything now about a password that everyone knew
You may think this was a sophisticated cyberattack in which the hackers went to great lengths using multiple servers, but forget all that glamour: the unauthorized access to IHG’s servers was due to carelessness or laziness on the part of the IT department. The only layer of security protecting access to its servers was the weak password ‘qwerty1234’. You would not be that careless even on your home computer…
The worst of the matter is that we know all this, as we have told you, because the hackers themselves (they call themselves TeaPea) contacted the BBC to claim responsibility.
No economic motivation?
You will be thinking… Surely there was an economic interest, but the truth is that there was not: they did it only out of boredom, or for the satisfaction of knowing that they could. Of course, their first intention was to install ransomware, and if they had, we do not know how this story would really have ended.
We say that it was their first intention because IHG reacted quickly to the first symptoms of the cyberattack (it was the customers themselves who warned of the slowness of the system), isolating the servers. TeaPea, seeing that they could not achieve their goals, opted for another, no less devastating action: deleting as much information as they were able to.
The scope of the cyberattack is not known for sure, since IHG has always maintained that it was a sophisticated action and has not acknowledged the ‘qwerty’ theory at any time, despite the screenshots that demonstrate it.
These screenshots, according to the BBC, show that the couple accessed internal emails in Outlook and meetings in Teams and, seeing that they could not achieve their goals, opted for a “wiper attack”, or what amounts to the same thing, destroying everything they could (another gesture of frustration on seeing that they could not obtain an economic benefit from the action).
The attackers managed to gain access to the system using phishing, by tricking an employee with an attachment. The surprise would come later, when they discovered that this employee, and 200,000 other employees, accessed the system using the fragile password that we have mentioned. There were no additional security barriers.