Photo © Ymgerman | Dreamstime.com
We’ve gone from having to pay for Wi-Fi during a hotel stay to having free connectivity throughout the property, from the guest room to the conference center to the lobby bar. What could be better than that?
Safe Wi-Fi, apparently.
Unfortunately, says Norton (yes, they of the anti-virus programs), many hotels have minimal network security, older networking technology and insufficient data encryption. That all adds up to one thing: Guests’ data is not being safeguarded as much as they’d expect.
When hotel guests browse or enter information online, the data might not be fully protected from interception by others on the same network. Even if a guest does not sustain an attack on the hotel’s Wi-Fi, the hotel could still monitor and track their online activities for marketing purposes.
The darker threat is that of hackers who set up a rogue access point that imitates the hotel Wi-Fi’s name, tricking guests into connecting to the wrong network. It’s the same kind of thing that happens in airports when users plug into what they mistakenly believe are official hotspots.
According to Aura, In 2019, security researchers tested Wi-Fi hacking across 45 locations in five countries. Not a single hotel passed the test. The situation hasn’t gotten any better in recent years. Hotels are the third most common target of cyber-attacks, representing 13 percent of all cyber compromises in 2020.
Norton published this list of ways hackers get hold of data, and on the same page, a list of the risks attached to using hotel Wi-Fi.
Even The Federal Bureau of Investigation is advising caution when using hotel wireless networks (Wi-Fi), and provides some cautionary tips that can help ensure safety:
- If possible, use a reputable Virtual Private Network (VPN) to encrypt network traffic, making it harder for a cybercriminal to eavesdrop on your online activity.
- If available, use your phone's wireless hotspot instead of hotel Wi-Fi.
- Before travelling, ensure your computer's operating system (OS) and software are up to date on all patches, important data is backed up; and your OS has a current, well-vetted security or anti-virus application installed and running.
- Confirm with the hotel the name of their Wi-Fi network prior to connecting, then look carefully at the networks being offered before selecting. So-called “evil twin” networks are often set up to look similar to (but not identical with) that of the hotel.
- Do not connect to networks other than the hotel's official Wi-Fi network; again, ascertain that you are, in fact, connecting to the real thing.
- Connect using the public Wi-Fi setting, and do not enable auto-reconnect while on a hotel network.
- Always confirm an HTTPS connection when browsing the internet; this is identified by the lock icon near the address bar.
- Avoid accessing sensitive websites, such as banking sites, or supplying personal or financial data, such as social security numbers or credit card information. (Worth noting: One of the ways hotel guests get hacked in hotel rooms is by inputting their credit card information while booking tours or tickets to attractions.)
Taking the extra steps to safeguard data takes time; however, what hackers are counting on are travelers being in a rush to get online and indiscriminately selecting options that compromise the integrity of their connection.
Kids, whose internet awareness may be less sophisticated than that of their parents, also tend to fall prey to hackers.
Pretty grim stuff. But sadly, it’s not rare, and the potential for getting hacked while traveling continues to grow. For example, in-flight Wi-Fi is often hacked as well, as a reporter for USA TODAY learned from firsthand experience, much to his shock. The techniques for cutting down that risk are similar to those that can be used by hotel guests.
About the Author
