Levi, Ray & Shoup, Inc.

Be extra cautious with hotel Wi-Fi

10/22/2020 by Joshua Brant

By Joshua Brant

For so many of us, the last few months have dragged on like years.

Complying with mandatory shelter-in-place directives has meant working from home and getting completely away from the comforting routine of commuting to the workplace. But now, even the commute to the office lacks any sort of comfort.

So some workers have turned to hotels, which are now offering day rates for people who want an isolated place to work, or they’re heading to hotel lobbies to get a change of scenery. And of course, some people are actually traveling for pleasure simply because they can.

Regardless of their reason for being there, they’re taking advantage of hotel Wi-Fi networks.

And that presents a security problem. It’s particularly important to think about this during National Cybersecurity Awareness month.

The FBI issued an alert earlier this month warning that, “While this option may be appealing, accessing sensitive information from hotel Wi-Fi poses an increased security risk over home Wi-Fi networks. Malicious actors can exploit inconsistent or lax hotel Wi-Fi security and guests’ security complacency to compromise the work and personal data of hotel guests.”

As the alert noted, many hotel networks are built with a higher priority on guest convenience than robust security practices. Think of the times you’ve seen cards in a hotel lobby telling you the Wi-Fi password; that’s not the sign of a secure network.

Because there is no hotel industry standard for secure Wi-Fi access, you should not implicitly trust that the hotel has properly secured their network or is monitoring it for attacks. Keep in mind that when you log onto a vulnerable network to work, you put your computer and your company’s data at risk. And you shouldn’t even think about accessing sensitive websites such as banking or credit card sites using hotel Wi-Fi.

The FBI offered several suggestions for protecting your computer and data when using a hotel Wi-Fi network, including:

  • If possible, use a reputable Virtual Private Network (VPN) while teleworking to encrypt network traffic, making it harder for a cybercriminal to eavesdrop on your online activity.
  • Confirm with the hotel the name of their Wi-Fi network prior to connecting.
  • Do not connect to networks other than the hotel’s official Wi-Fi network.
  • Follow your employer’s security policies and procedures for wireless networking.

You can get the full FBI alert by clicking here.

You can also get guidance on all aspects of cybersecurity from the members of our Security Team by filling out the form below.

About the Author

Joshua Brant is our Cyber Security Strategist; he focuses on helping customers identify gaps and achieve security goals. Prior to joining LRS, Joshua served for years as Chief Information Security Officer for a manufacturing corporation. He holds multiple certifications in the area of Information Security, including CISSP, CISM, CEH and CCISO.