Skip to Content
chevron-left chevron-right chevron-up chevron-right chevron-left arrow-back star phone quote checkbox-checked search wrench info shield play connection mobile coin-dollar spoon-knife ticket pushpin location gift fire feed bubbles home heart calendar price-tag credit-card clock envelop facebook instagram twitter youtube pinterest yelp google reddit linkedin envelope bbb pinterest homeadvisor angies

Shenzhen is the Silicon Valley of mainland China. Situated about 50 minutes north of Hong Kong, the modern city is home to the Shenzhen Stock Exchange and numerous high-tech giants and startups. So naturally, the city’s five-star hotels regularly host wealthy moguls in their luxury rooms. Last year, one of those hotels also hosted a hacker from Spain who discovered that he could seize control of the wealthy guests’ highly-automated rooms.

Jesus Molina, who was staying at the St. Regis Shenzhen hotel, found that he could easily take control of the thermostats, lights, TVs, and window blinds in all of the hotel’s 250-plus rooms, as well as alter the electronic “Do Not Disturb” lights outside each door—all from the comfort of his luxurious bed.

He’ll be presenting his findings at the Black Hat security conference in August.

The Vulnerability

St. Regis supplies every guest with an iPad and digital “butler” application to control the features in their room. Molina, a native Spaniard who works as an independent security consultant in the U.S., found that the system uses an insecure protocol and configuration. It allows anyone to sniff commands as they cross the wireless network and replay them at will—to any connected device in the hotel.

Read More