• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

FBI Sounds the Alarm: Hotel Wi-Fi Poses an Increased Security Risk for Teleworkers

December 2, 2020 By Stephen Helm

As the COVID-19 outbreak devastated the travel industry, many hotels launched “work-from-hotel” programs to appeal to locals who needed an escape from their home workspace. Hotels now offer daytime room reservations for people who wanted a quiet, distraction-free place to work, with the added amenities one would expect in a hotel.

Unfortunately, cyber criminals have seized on the vulnerabilities of hotel Wi-Fi networks. Recognizing the escalating threat, the FBI issued a Public Service Announcement warning of the risk of telework via poorly secured hotel Wi-Fi networks.

“Attackers target hotels to obtain records of guest names, personal information, and credit card numbers. The hotel environment involves many unaffiliated guests, operating in a confined area, and all using the same wireless network. Guests are largely unable to control, verify, or monitor network security. Cyber criminals can take advantage of this environment to monitor a victim’s Internet browsing or redirect victims to false login pages. Criminals can also conduct an ’evil twin attack‘ by creating their own malicious network with a similar name to the hotel’s network. Guests may then mistakenly connect to the criminal’s network instead of the hotel’s, giving the criminal direct access to the guest’s computer.”

The FBI provided guidance for reducing the risk of hotel Wi-Fi, including:

  • Using a VPN to encrypt network traffic.
  • Confirming with the hotel the name of their Wi-Fi network prior to connecting.
  • Ensuring you only connect to the hotel’s official Wi-Fi network.
  • Always look for an HTTPS connection (lock icon) when browsing the Internet.
  • Avoid accessing sensitive websites, such as banking sites, or supplying personal data.
  • Use multi-factor authentication for sensitive accounts.

Wi-Fi networks are the weakest link in the security chain for many hotels, yet today it is considered a standard amenity for their guests. While these tips can help businesses and their employees stay safe, the hotels themselves should bear some of the security burden.

With the right Wireless Intrusion Prevention System (WIPS), hoteliers can set up a Trusted Wireless Environment that can not only keep users safe on the network, but actively knock down Rogue Access Points and “Evil Twins” without running afoul of the law.

A Trusted Wireless Environment is one that provides protection against the six known Wi-Fi threat categories simultaneously while maintaining performance and delivering the connection quality hotels guests demand.

Deploying a Trusted Wireless Environment is easier than you might think, as some vendors provide solutions that can operate as dedicated WIPS sensor alongside your existing access points.

Learn more in our Trusted Wireless Environment whitepaper.

You can help build the future of secure Wi-Fi across the world!

Concerned about Wi-Fi security? Everyone can join the Trusted Wireless Environment movement and advocate for global security standard for Wi-Fi. Visit www.TrustedWirelessEnvironment.com today!

Share This:

Related

Filed Under: Editorial Articles Tagged With: 6 known wi-fi threat categories, cyber attack, evil twin, evil twin ap, FBI, hotel, hotel wi-fi, movement, remote employee, remote security, Remote Wi-Fi, secure wifi, trusted wireless environment, wi-fi network, wi-fi security, WIPS

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Cybersecurity News: Malvertising, Ransomware, and Alleged IRS Breach
  • Law Enforcement Infiltrate and Seize Hive Ransomware Operation
  • The RCE Vulnerability That Wasn’t
  • When Trying to Catch ‘Em All, Leave This RAT Alone

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Cybersecurity News: ACLU Unveils Mass Surveillance Program, (More) Malvertising, and Breaches
  • Law Enforcement Infiltrate and Seize Hive Ransomware Operation
  • Cybersecurity News: Malvertising, Ransomware, and Alleged IRS Breach
  • The RCE Vulnerability That Wasn’t
  • When Trying to Catch ‘Em All, Leave This RAT Alone
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use