Hotel "Public" Wi-Fi Is Scarier than You Think

3/7/2018

"Hotel Wi-Fi is unsafe." This is not the first time you'll hear this statement, and it's probably not going to be the last.  But what exactly makes it unsafe?  Plenty of guests are traveling to new hotels every day without being hacked, so how scary can it be? The answer: It's scarier than you think. This article from Aerwave discusses the pitfalls of common public WiFi practices and offers a simple solution to this problem.

There has been a long history of Wi-Fi security breaches within hotel networks (the WSJ has a good article here), but there are three overriding themes that make a "public" or shared wireless network something to be worried about (and, by the way, these aren't just specific to hotels).

  • Fake Networks / Access Points.  When you go to a public place, you are typically joining a network that you don’t know.  Most public areas make the network information available to you, but network names are very easily mimicked and a pervasive tactic from hackers is to broadcast a similar looking network name to entice you to connect your device to it.  A hacker may even pass their internet connection to you so that, to you, it feels like you're linking safely to your bank account, but in reality, the hacker is watching every click and keystroke that you make.
  • Encryption.  By now you probably have a good understanding of what constitutes "good" Wi-Fi security: Open networks, or networks that don't require a password, are very dangerous because they do not offer the encryption protection that Closed networks do.  Closed networks are protected by a password, which is used to encrypt your data as it passes between your device and the access point.  The password protects users that have access to the network from users that don't have access.  However, what about other users that have the password?  While closed networks are certainly safer than open networks, they don't provide as much protection in a public setting as you would hope.  Anyone who has the password to the network is also holding the key to decrypt your data. That is a significant security issue!
  • Privacy.  In a private environment (like at your office or your home), you're not going to give a stranger access to your network; presumably, everyone on that private network is a "trusted" user. However, on a public network, there are no real restrictions regarding who can or can't join.  So, when you are on a shared Wi-Fi network, there is a good chance that you are sharing the network with people that you don't know.  Now, you’re connected to other unknown devices that have a direct path to your device and potentially your data.  Networked devices can share files, programs, resources, and even viruses.  A shared network connection puts you at risk, regardless of your encryption tools.  In public, privacy might be your best security. 

So, what can you do as a user?  As you might have heard, one of your best options today is to use a Virtual Private Network ("VPN").  VPNs allow you to create a secure connection with an off-site server and use it to encrypt all of your data, meaning any local hacker is going to have a tough time decrypting your information.  However, there is another option that solves each of these issues and it might sound pretty familiar: a guest network.  You probably have one at your house, and you definitely have one at your office, but guest networks are a handy tool for creating secure connections.  A guest network is separate from your primary network, meaning that not only can it use different passwords (and therefore, different encryption), it keeps your devices and data distinct from those on the primary network.  So, what if each hotel guest had a unique network for their stay?  Well, it would start feeling a lot less like public Wi-Fi and a lot more like a private network.

While this practice hasn't hit the mainstream just yet, some companies have begun to create a platform that automates private networks in public places.  This allows businesses to build a network that lives in the cloud and seamlessly finds you.  This means that you don’t just have access to a private network, you have access to your private network. And that brings peace of mind.

X
This ad will auto-close in 10 seconds