Hotel Wi-Fi networks favour guest convenience over strong security, FBI warns

The lack of a hotel industry standard for secure Wi-Fi connection is also a reminder that guests should not implicitly trust the hotel has a secured connection or that it is actively monitoring for attacks.

October 11, 2020 04:48 pm | Updated 04:54 pm IST

The FBI said that these passwords are sometimes combinations of the room number and password, making it more vulnerable to cyberattacks.

The FBI said that these passwords are sometimes combinations of the room number and password, making it more vulnerable to cyberattacks.

The Federal Bureau of Investigation (FBI) issued a statement warning users of the risks of using hotel room W-Fi connections.

Accessing sensitive information from hotel Wi-Fi poses an increased risk over home networks. Malicious actors can exploit inconsistent or lax security and guests’ complacency to compromise work and personal data of hotel guests.

Hotel networks are built to favour guest convenience over robust security practices, the statement said. Smaller hotels often post placards at the service desk displaying the password for Wi-Fi access and change the password infrequently.

The FBI also said that these passwords are sometimes combinations of the room number and password, making it more vulnerable to cyberattacks.

The FBI advised users to use virtual private network (VPN) connections to make it harder for hackers to track activity. Other recommendations include always accessing HTTP secured websites, connecting only to the hotel’s official network, using multi-factor authentication for logging into sensitive accounts, and disabling Bluetooth when not in use.

The lack of a hotel industry standard for secure Wi-Fi connection is also a reminder that guests should not implicitly trust the hotel has a secured connection or that it is actively monitoring for attacks.

One of the major drawbacks of hotel network security include the guest’s lack of control over it. Users generally have minimal visibility into both the physical location of wireless access points within the hotel and the age of networking equipment. Old, outdated equipment is more likely to possess vulnerabilities for hackers to exploit, the statement read.

Even if a hotel is using modern equipment, the guest has no way of knowing how frequently the hotel is updating the firmware of the equipment or whether the hotel has changed the equipment’s default password.

Hotel networks pose special threat to business professionals as cybercriminals use stolen intellectual property data to facilitate their own schemes or to produce counterfeit versions of proprietary products. They can use information gathered to access company data to trick business executives into transferring money to the criminal.

The most common signs to recognise that a device has been hacked include sudden slowing down of mobile device, automatic cursor movement and launching of apps, increase in pop-up advertising and data usage, and faster-than-usual decrease in battery life.

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.