In a new Public Service Announcement, the FBI has warned of the dangers of using Wi-Fi networks in hotels, listing the potential risks involved. Primarily, the announcement warns that the networks typically favor guest convenience over strong security practices, and could therefore leave users vulnerable to cyber-attacks. The wireless passwords used by hotels aren’t always kept secret, with small hotels often displaying the password on a sign at their service desk. These passwords are also changed infrequently, meaning that, in many cases, access can be easy to obtain by using a combination of a room number and a password. Guests themselves are usually unable to control, verify, or monitor network security, so they have no way of knowing what, if any, protections are in place.
Additionally, a hotel may have old or outdated network equipment and software with unpatched vulnerabilities that criminals can easily exploit. This type of shared and unsecured public network provides an inviting target for cybercriminals, who can monitor a victim’s internet browsing activity or redirect them to illicit login pages.
Public Wi-Fi has never been so appealing to cybercriminals as in the current moment. With an increase in people working remotely, coffee shops have become inviting places for employees around the world to create pop-up offices, but far too often many forget the most basic security advice. The widely-held idea that “it won’t’ happen to me” can be a very dangerous attitude to have when jumping on an unknown network.
It is far safer to always use a virtual private network (VPN) when connecting to an unknown network – and remain cautious of any public Wi-Fi, whether it is free or not. Another option is to hotspot your laptop via your smartphone and use 4G. It is not worth the risk of using public Wi-Fi when potentially exposing you and your company’s data to unknown attackers who are easily able to direct you into potential hazards.