We’ve all done it; the moment we check into a hotel, we instantly connect to their WiFi network without giving it a second thought. While connecting to a hotel’s WiFi network, we opt for the network that resembles the hotel’s name, assuming it’s authentic and safe.
We never assume otherwise.
What we don’t know is that hackers are known to easily imitate WiFi networks to steal your personal data. The WiFi network you connected to at the hotel could possibly be a fake network broadcasted by a hacker; this is referred to as a Man in the Middle Attack (MITM).
Age of Cybercriminals
Long gone is when you just had to protect your wallet from thieves and keep your essentials safe within your reach. With the digital age, stealing has taken a new definition as cybercriminals shift their illicit actions online.
It’s no secret that everybody prefers a free WiFi network. It’s an essential factor for the connected traveler when she’s choosing a hotel. However, be it a free WiFi, public WiFi, or hotel WiFi network, they’re all equally unsafe.
This is because your device connects to an insecure, non-encrypted WiFi network that, for all you know, is a bogus WiFi network. The risk of using a hotel WiFi is that you’ll be exposed to scams, hacks, viruses, and all kinds of malicious software attacks, and that is the case even if the hotel WiFi is legitimate.
That means there are two risks: using hotel WiFi which by nature is often not secure enough, and hitting hotel WiFi that may appear to be associated with a hotel but is actually commandeered by threat actors.
To the first point, a cybercriminal could be sitting at the hotel lobby or elsewhere on the globe and listen in on all conversations your smartphone or laptop is having with the outside world because traffic on public WiFi is being broadcast over the network at any given time.
To the second, well, we think that’s pretty self-explanatory. Access a hacker’s public access point, and you’re going to get burned.
Why is Hotel WiFi Not Safe?
Numerous public and hotel WiFi access points don’t use WPA security. Therefore, any device connected to hotel WiFi is effectively sending all data in clear-text, allowing a remote hacker to identify and extract information.
On the other hand, corporate networks generally have sophisticated security systems to secure themselves and their employees against malicious actors. The vast majority of public WiFi networks in hotels and other public places don’t have security measures in place.
It’s relatively easy for hackers to execute MITM and Man in the Browser attack due to the lowered security standard. It’s not just poor security; hotel networks are very lucrative for cybercrime. Hotel WiFi networks are often targeted as wealthy travelers, businesspeople, and other individuals are checking their emails, social accounts, and accessing online banking details.
The higher the class or rating of the hotel, the greater the risk of hackers attracted to the hotel as it’ll garner them higher rewards.
How Does This Work?
A typical hotel WiFi attack or any other WiFi attack for that matter involves compromising the WiFi network and then tricking users to downloading and installing a backdoor used to install spyware. The worst is the ‘evil twin attack’ where a hacker copies the original network, makes it free for users to access, and simply waits for them to connect to the network.
The hacker then steals username, account details, and passwords or redirects users to malware sites.
We Know a Great Workaround
There is only one solution to safely using a hotel WiFi network, and that’s to use a VPN. By connecting to a VPN, your online connection is encrypted, which protects you from cybercriminals. It doesn’t matter what kind of network you connect to, your VPN protects your communications, transactions, and online activities from being snooped on.
If you’re traveling locally or internationally, you should always use a VPN to access your social accounts, banking sites, and to get around geo-restrictions.
Isn’t an iPhone Secure?
It’s no doubt that Apple has designed the iPhone and its patented iOS software while keeping security in mind. Generally, an iPhone isn’t exposed to viruses, malware, and other software-based security threats, unlike most PCs and Android phones.
However, the same can’t be said about jailbroken iPhones. Since a jailbroken iPhone gets disconnected from Apple’s latest updates and security architecture, it no longer remains in the protected realm of online privacy and security.
That doesn’t mean that an iPhone itself isn’t ever at risk. While loopholes are difficult to find, the threat is very much real. Using an iPhone on a hotel WiFi puts you at greater risk since your online connection isn’t secure. The only way to safely use a hotel WiFi is by connecting with a VPN.