Japanese hotel's robots modified to prevent security risk

The operator of the robot-staffed Henn na Hotel chain announced that bedroom robots have been modified to prevent hackers from gaining access to the units. H.I.S. Hotel Group acknowledged that it had been possible for persons to gain unauthorized access to its 100 Tapia robots at the Henn na Hotel Maihama Tokyo Bay, located near Tokyo Disney Resort. The hotel, which is owned by H.I.S. Group, is famous for being staffed by androids, including at the front desk. Hotel rooms are unlocked using facial recognition technology, and inside each room is a bedside bot that acts as a virtual assistant.

A security researcher claimed on Twitter that he had warned H.I.S. back in July that the bedroom robots were hackable. According to the researcher, the bots have unsigned code, which means that a user can tap a near-field communication tag on the back of the robot's head and allow access via whatever streaming app they choose.

Japanese newspaper the Tokyo Reporter said that H.I.S. Group has apologized for ignoring warnings that the in-room robots posed a massive privacy and security risk. According to the newspaper, the company had decided that the chance of hackers gaining unauthorized access to the bots was too low to merit any action. The robots have now been updated and are no longer vulnerable.

There are 10 hotels in the Henn na Hotel chain operating through Japan. 

According to H.I.S., the unauthorized access of the Tapia robots included the ability for a guest to view the room remotely. However, the company added that there was no evidence that a guest had previously gained such access.

“We apologize for any uneasiness caused,” H.I.S said in a tweet. The company also said that a maintenance procedure had been undertaken on the robots.

Thomas Hatch, chief technology officer and co-founder at SaltStack, a provider of intelligent IT automation software, told InfoSecurity this is a situation where the general populace is being violated in unsuspected ways because of the rampant introduction of centrally managed devices, like robots, TVs, toys and more.

"We end up in a situation that is new to humanity, one where we are monitored more aggressively than our predecessors imagined, and not by central authorities but by criminals,” he said.   

Hatch predicted incidents of this nature will become increasingly common. "Even large companies with large resources are struggling to keep up with securing their assets, let alone smaller companies that are pushing these devices out to the world,” he continued. “Many smaller companies lack the proclivity or motivation to secure such devices."