With the busy travel weekend upon us, our CEO, Terry Koosed’s has some tips to share about how not to get hacked when using Hotel Wi-Fi.
By Terry Koosed, CEO of Bel Air Internet
Vacationing often involves daredevil adventures, but gambling with identity theft isn’t exactly the risk-taking most travelers have in mind.
As CEO of Bel Air Internet, an Internet Service Provider that counts dozens of Southern California hotels among our customers, I’ve seen Hotel Wifi go from a novelty amenity to a can’t-live-without-it necessity in just the last few years. But even though hotels strive to give you all the comforts of home, often their Wifi networks don’t deliver the premium level of security you have at your own house, making guests an easy target to hackers.
“The free Wifi at coffee shops is usually more secure than hotels,” explains our CTO, Diego Salas. While the hotels that we provide Internet for are given secure, encrypted and segmented networks (if you wondering, the technical term for that is “super safe”), many hotels haven’t caught up to that technology yet, leaving their guests unaware at their cyber exposure.
In fact, guests who have been hacked during a hotel stay may not even realize it, falling victim to viruses, spyware or identity theft once they are back home, but unaware as to how and when their personal information was accessed.
While there’s no completely foolproof way to avoid a determined hacker besides swearing off the Internet for the duration of your hotel stay (which might work if you’re on a beach in Tahiti, say, but not so much if you’re business traveling), hackers tend to go for easy targets. If you make it too hard, they’ll move on to the next one.
With peak-travel President’s Day weekend coming up, I’ve compiled a list of the ultimate 9 Do’s and Don’ts of using Hotel Wifi, to help educate travelers on how to safeguard themselves from getting hacked while vacationing.
- Don’t connect to the wrong network (it could be a trap)
When you’re staying at a hotel, take a second to ensure you’re actually connecting to the hotel’s true Wifi network and not one with a similar name that’s designed to trick you (i.e., “Hotel Guest Wifi”). Hackers routinely set up these decoy networks, waiting for someone to take the bait and connect. Once you do, they have the ability to see everything you’re doing online (and depending on your firewall protection, access your computer’s entire hard drive). Always consult the front desk and have them provide the network name and password.
- Don’t assume Wifi is “protected” because you typed in a password.
This one is the most shocking to frequent travelers. Most people have enough basic cyber common sense when surfing on public Wifi hotspots (like a hotel lobby or rooftop), but what they don’t know is that just because a hotel requires you to type in a password to access the Internet, it doesn’t necessarily mean the network is any more secure. Typing in a password is merely an authentication process—guests could still be signing onto an open network. (To check if the Wifi network is secure, look to see if there is a “lock” symbol next to the network name, which provides more safety than if not).
Even on a secure network, with the way most hotel networks are configured, anyone that is signed into that same Wifi network with a password is on the same network and thus, could potentially hack into your computer, gaining access to passwords, credit card numbers and personal information.
The only way for a hotel to truly protect their Wifi users is to segment their network traffic (like we do), but at this time, many do not utilize that technology. So then, how to protect yourself if you find yourself on a questionable hotel Wifi network…?
- Do take simple precautions like Firewall Protection.
Hacking doesn’t just mean someone can grab your online information. If you don’t have Firewall Protection, a hacker can access your entire computer hard drive (including cached credit cards and passwords). Luckily, enabling firewall protection is simple (just a click of a button) and doing so essentially eliminates the hard drive threat.
(To enable firewall protection, go to Control Panel on Windows or System Preferences on Mac. As an extra precaution, make sure your firewall protection software is up to date before traveling.)
- Do Disable File Sharing.
Sharing files or any activities where two computers talk to one another (like music sharing between you and your spouse’s computers in a hotel room) is one of the riskiest things you can do over hotel Wi-Fi (or any public network for that matter). By default, most laptops have file sharing turned on, so take the extra step to specifically turn it off in your “Control Panel” settings on Windows or in “System Preferences” on a Mac.
- Don’t perform any money transactions on hotel Wifi. Period.
Avoid logging into your online banking account or doing any type of online shopping, money transfers or transactions…you’re making it way too easy for a hacker to get your passwords or credit card info.
- Don’t assume “https://” means your transaction is secure.
This one is another shock for the savvy cyber travelers out there. “Https://” indicates that the data transfer between your laptop and that particular website is secure on their end of the site. But it doesn’t mean someone can’t hack in on your end. In other words, if you’re at home on your own personal, secure Wifi network, then a “https” is a great sign — it means you’re doing business with a verified, secure site, but if you’re on a compromised network (like a hotel with open Wifi), you’re still vulnerable.
- Do feel free to use Wifi for “safe” activities.
Relax in your hotel room and use your Wifi for benign activities like reading blog posts or news from websites you’ve visited before and know are legitimate. Streaming is also fine, as long as you’re using services and websites that you’ve used before and trust (like YouTube). But beware, every time you manually type in a password, someone could potentially be tracking it. And if you see a pop-up for a new version of Adobe, don’t take the bait. Wait to do any software updates until you are in the privacy of your own home (and Wifi network).
- Do sign off from the Internet when not in use (or turn your computer off).
Staying signed into the Wifi indefinitely (which most hotel guests do, leaving it on for the duration of their stay) means you’re giving hackers a lot more time to access your computer (they can only access it when you’re online). Turning it off or putting your computer in “hibernate” mode will eliminate their ability to do so.
- Do ask questions before you book a hotel.
For those guests looking to be the most proactive about their cyber-safety, consider taking into account the type of Wifi network a hotel has before you book. “At hotels that we provide Internet for, we segment and encrypt the traffic so that other users on the network can’t access it,” Salas explains. “Those are the key words you’re looking for when you call and ask a hotel about their network.”
The upshot? If enough consumers begin to demand safer Wifi, the hotel industry will take notice and begin to upgrade the safeguards on their networks.
Until that day, keep the travel risk-taking limited to surfing waves, not the web.