Search By Topic:

Popular Topics:



Thought Leadership | Jun 6th, 2011

Ask the Expert: Is It Safe For Me to Use Hotel Wifi?

Kent Lawson

Q: I read your article about the risks of using wifi in hotels. I just don't understand why hotels would offer me something that leaves me so exposed. Hotels would never put me in a room without curtains on the windows or a deadbolt on the door, so why are hotels not doing more to protect me?

hotel wifi

A: This is a question I’ve often wondered myself. Since hotels are such excellent venues in which to steal confidential information, why don’t they do more to protect us?

The simple truth is that most hotel wifi networks are completely unsecured.

In fact, the risks associated with using a hotel network are much greater than using a wireless network at your home or office. Recently, a group called TrustWave SpiderLabs released a study that showed hotel networks accounted for nearly 40% of security breaches in 2009.

You want to know what’s even worse than that?

Most hotels didn’t even know these breaches occurred for nearly five months!

Hotel networks face two types of risks:

  • The first is the normal insecurity inherent to all wifi networks. I wrote about this topic a few weeks ago, and basically, there are just two ways hacking is done in public wifi hotspots. But it's pretty simple, and it doesn't even take a "geek" to figure it out these days.
  • The second type, which I find much more surprising, is that fully wired Ethernet communications (as in, when you plug your computer’s Internet cable into the hotel’s network) might be just as insecure.

You mentioned that you had read my earlier article on this topic, so you probably will recall that even I assumed that if I plugged directly into the hotel’s network with a cable that I was safe. However, Ethernet is a system that connects a bunch of computers to form a LAN (local area network). Nearly 90% of all LANs use Ethernet, which is over 30 years old. When it was first created, no one assumed that anyone would do anything malicious. How times have changed!

Nearly 20% of hotels in the United States use a hub configuration LAN, where all network data is sent to every computer connected to the network. Each computer is only supposed to listen to data specifically intended for it, and ignore the rest.

However, anyone connected to the network can simply switch their laptop’s network card to “promiscuous mode” and view all the information sent over the entire network -- unless that information is encrypted.

And if you have file sharing turned on (most people do but do not know it), all your files can be accessed.

Networks that use switches and routers are better because they send network traffic to a specific address. However, these networks are vulnerable to something called address resolution protocol (ARP) spoofing. Basically, hackers use a tool (freely available on the Internet) to “spoof” another user on the same network and can then steal data meant for that user.

So why aren’t hotels doing more to protect you?

I don't mean to criticize them, but it seems they are making a tradeoff between ease of use and security. This is a tradeoff that is inherent in most security issues. Essentially, they feel it is their role to provide a very easy-to-use wifi service and leave the security responsibility to the individual users.

Minimize Your Risk

While it’s important to understand the dangers inherent to all hotel networks, it’s more important to know what you can do about them. Below are some steps you can take to minimize these risks:

  • Disable or block file sharing.
  • Enable a Windows Firewall or install a third-party personal firewall.
  • Use file encryption.
  • Use a virtual private network (VPN).

A VPN encrypts all your Internet communication from being intercepted by others, whether in wifi or Ethernet networks. Don’t rely on hotels (or any other WiFi provider) to protect you. You need to protect yourself.

By using a VPN, all of your communication is encrypted between your laptop and the VPN’s remote server.

In fact, The New York Times recently noted that our PRIVATE WiFi™ software is a "VPN for the masses," as it easily protects you from passive sniffing and cyber attacks. If a hacker tries to listen in on your communications, whether in a hotel room or in any public wireless location, all they will see is gibberish.

Associated Topics:

Associated Topics:


Related Posts

Cyber Security Training Just As Important at C-Level

Thought Leadership
Eva Velasquez | Mar 24th, 2015

The need for better online safety training to prevent data breaches is a hot topic right now. Coupled with stronger computer and network policies, companies want to prevent the hacking events that leave businesses susceptible to a data breach. While it’s no secret that employees in both the private sector and government service can unintentionally expose organizations to hackers, what is surprising is a report by Wombat Security that shows that 33% of CEOs fell for phishing attacks that led to network access. Why are they falling for this kind of internet activity? Read More

E-filing: The Fastest and Safest Way to File Taxes?

Thought Leadership
Eva Velasquez | Mar 9th, 2015

E-filing your annual return to the IRS offers speed and convenience and when coupled with industry-approved software that can plug in the values for you, a lot of the headaches traditionally associated with doing your taxes are eliminated. However, there are some potential dangers that you should be aware of, such as insecure public WiFi networks and online tax fraud. Read More

FTC Says Hotel WiFi is Dangerous

Thought Leadership
Kent Lawson | Feb 23rd, 2015

Recently, the FTC posted an article on their website stating that hotel WiFi is dangerous and that users should not assume that just because they pay for Internet access that their connection is secure.

We couldn’t agree more. In fact, I have been stating this fact since we launched PRIVATE WiFi nearly five years ago.  This is an important topic because hotel traveler’s rank WiFi access at hotels as the number one amenity that they look for when booking hotel rooms. Read More

How Are You Celebrating Safer Internet Day 2015?

News & Features
Jared Howe | Feb 9th, 2015

Safer Internet Day (SID), which falls on February 10th this year, helps promote safe and more responsible use of technology and mobile phones, especially for young children and teenagers.  This day of awareness and education gets more important every year because, for better or worse, the Internet is a part of our everyday lives.

Read on to get more involved. Read More


Thank you for subscribing to our newsletters

Your email has been added to our system. You will be e-mailed shortly with a request to confirm your membership. Please make sure to click the link in that message to confirm your subscription.