As the COVID-19 outbreak devastated the travel industry, many hotels launched “work-from-hotel” programs to appeal to locals who needed an escape from their home workspace. Hotels now offer daytime room reservations for people who wanted a quiet, distraction-free place to work, with the added amenities one would expect in a hotel.
Unfortunately, cyber criminals have seized on the vulnerabilities of hotel Wi-Fi networks. Recognizing the escalating threat, the FBI issued a Public Service Announcement warning of the risk of telework via poorly secured hotel Wi-Fi networks.
“Attackers target hotels to obtain records of guest names, personal information, and credit card numbers. The hotel environment involves many unaffiliated guests, operating in a confined area, and all using the same wireless network. Guests are largely unable to control, verify, or monitor network security. Cyber criminals can take advantage of this environment to monitor a victim’s Internet browsing or redirect victims to false login pages. Criminals can also conduct an ’evil twin attack‘ by creating their own malicious network with a similar name to the hotel’s network. Guests may then mistakenly connect to the criminal’s network instead of the hotel’s, giving the criminal direct access to the guest’s computer.”
The FBI provided guidance for reducing the risk of hotel Wi-Fi, including:
- Using a VPN to encrypt network traffic.
- Confirming with the hotel the name of their Wi-Fi network prior to connecting.
- Ensuring you only connect to the hotel’s official Wi-Fi network.
- Always look for an HTTPS connection (lock icon) when browsing the Internet.
- Avoid accessing sensitive websites, such as banking sites, or supplying personal data.
- Use multi-factor authentication for sensitive accounts.
Wi-Fi networks are the weakest link in the security chain for many hotels, yet today it is considered a standard amenity for their guests. While these tips can help businesses and their employees stay safe, the hotels themselves should bear some of the security burden.
With the right Wireless Intrusion Prevention System (WIPS), hoteliers can set up a Trusted Wireless Environment that can not only keep users safe on the network, but actively knock down Rogue Access Points and “Evil Twins” without running afoul of the law.
A Trusted Wireless Environment is one that provides protection against the six known Wi-Fi threat categories simultaneously while maintaining performance and delivering the connection quality hotels guests demand.
Deploying a Trusted Wireless Environment is easier than you might think, as some vendors provide solutions that can operate as dedicated WIPS sensor alongside your existing access points.
Learn more in our Trusted Wireless Environment whitepaper.
You can help build the future of secure Wi-Fi across the world!
Concerned about Wi-Fi security? Everyone can join the Trusted Wireless Environment movement and advocate for global security standard for Wi-Fi. Visit www.TrustedWirelessEnvironment.com today!