The PRIVATE WiFi Blog

Search By Topic:

Popular Topics:



PRIVATE WiFi

The PRIVATE WiFi Blog

Thought Leadership | Jun 6th, 2011

Ask the Expert: Is It Safe For Me to Use Hotel Wifi?

Kent Lawson

Q: I read your article about the risks of using wifi in hotels. I just don't understand why hotels would offer me something that leaves me so exposed. Hotels would never put me in a room without curtains on the windows or a deadbolt on the door, so why are hotels not doing more to protect me?

hotel wifi

A: This is a question I’ve often wondered myself. Since hotels are such excellent venues in which to steal confidential information, why don’t they do more to protect us?

The simple truth is that most hotel wifi networks are completely unsecured.

In fact, the risks associated with using a hotel network are much greater than using a wireless network at your home or office. Recently, a group called TrustWave SpiderLabs released a study that showed hotel networks accounted for nearly 40% of security breaches in 2009.

You want to know what’s even worse than that?

Most hotels didn’t even know these breaches occurred for nearly five months!

Hotel networks face two types of risks:

  • The first is the normal insecurity inherent to all wifi networks. I wrote about this topic a few weeks ago, and basically, there are just two ways hacking is done in public wifi hotspots. But it's pretty simple, and it doesn't even take a "geek" to figure it out these days.
  • The second type, which I find much more surprising, is that fully wired Ethernet communications (as in, when you plug your computer’s Internet cable into the hotel’s network) might be just as insecure.

You mentioned that you had read my earlier article on this topic, so you probably will recall that even I assumed that if I plugged directly into the hotel’s network with a cable that I was safe. However, Ethernet is a system that connects a bunch of computers to form a LAN (local area network). Nearly 90% of all LANs use Ethernet, which is over 30 years old. When it was first created, no one assumed that anyone would do anything malicious. How times have changed!

Nearly 20% of hotels in the United States use a hub configuration LAN, where all network data is sent to every computer connected to the network. Each computer is only supposed to listen to data specifically intended for it, and ignore the rest.

However, anyone connected to the network can simply switch their laptop’s network card to “promiscuous mode” and view all the information sent over the entire network -- unless that information is encrypted.

And if you have file sharing turned on (most people do but do not know it), all your files can be accessed.

Networks that use switches and routers are better because they send network traffic to a specific address. However, these networks are vulnerable to something called address resolution protocol (ARP) spoofing. Basically, hackers use a tool (freely available on the Internet) to “spoof” another user on the same network and can then steal data meant for that user.

So why aren’t hotels doing more to protect you?

I don't mean to criticize them, but it seems they are making a tradeoff between ease of use and security. This is a tradeoff that is inherent in most security issues. Essentially, they feel it is their role to provide a very easy-to-use wifi service and leave the security responsibility to the individual users.

Minimize Your Risk

While it’s important to understand the dangers inherent to all hotel networks, it’s more important to know what you can do about them. Below are some steps you can take to minimize these risks:

  • Disable or block file sharing.
  • Enable a Windows Firewall or install a third-party personal firewall.
  • Use file encryption.
  • Use a virtual private network (VPN).

A VPN encrypts all your Internet communication from being intercepted by others, whether in wifi or Ethernet networks. Don’t rely on hotels (or any other WiFi provider) to protect you. You need to protect yourself.

By using a VPN, all of your communication is encrypted between your laptop and the VPN’s remote server.

In fact, The New York Times recently noted that our PRIVATE WiFi™ software is a "VPN for the masses," as it easily protects you from passive sniffing and cyber attacks. If a hacker tries to listen in on your communications, whether in a hotel room or in any public wireless location, all they will see is gibberish.

Associated Topics:

Associated Topics:

Comments

Related Posts

The Three Legs of Protection: Antivirus Software, Firewalls, and VPNs

Thought Leadership
Kent Lawson | Apr 15th, 2015

We've all heard about antivirus software and firewalls. But we probably don’t know as much about the third leg of computer protection: a VPN, or virtual private network. In his latest article, company CEO Kent Lawson says we do this at our peril, because the damage we can suffer from not using a VPN may far outweigh the risks of the other two combined. After the large-scale hack attacks over the past few years, VPNs are now earning their spot as the third security leg that is vital to every-day computer security. Read More

New Hotel WiFi Vulnerability

Thought Leadership
Alok Kapur | Apr 9th, 2015

Earlier this year, the FTC declared a critical announcement for travelers: hotel WiFi is dangerous. Many people assume that because they are paying for it the network must be safe, but that is a dangerous assumption. Hotel WiFi networks are completely insecure; the bad news is that a new exposure in hotel WiFi has just been found. Read more to find out how you can keep yourself protected. Read More

Cyber Security Training Just As Important at C-Level

Thought Leadership
Eva Velasquez | Mar 24th, 2015

The need for better online safety training to prevent data breaches is a hot topic right now. Coupled with stronger computer and network policies, companies want to prevent the hacking events that leave businesses susceptible to a data breach. While it’s no secret that employees in both the private sector and government service can unintentionally expose organizations to hackers, what is surprising is a report by Wombat Security that shows that 33% of CEOs fell for phishing attacks that led to network access. Why are they falling for this kind of internet activity? Read More

E-filing: The Fastest and Safest Way to File Taxes?

Thought Leadership
Eva Velasquez | Mar 9th, 2015

E-filing your annual return to the IRS offers speed and convenience and when coupled with industry-approved software that can plug in the values for you, a lot of the headaches traditionally associated with doing your taxes are eliminated. However, there are some potential dangers that you should be aware of, such as insecure public WiFi networks and online tax fraud. Read More

X

Thank you for subscribing to our newsletters

Your email has been added to our system. You will be e-mailed shortly with a request to confirm your membership. Please make sure to click the link in that message to confirm your subscription.