Free WiFi is usually the first thing most travelers look for after checking-in in a hotel room. Regardless of what the purpose of the trip is - a vacation, a business trip, or anything in between, free WiFi is a must.
While it offers great convenience, hotel WiFi poses major cybersecurity threats. And what’s worse, it’s not just WiFi that can put hotel guests at risk.
Let’s take a look at some of the cybersecurity risks that occur while traveling and how travelers can protect themselves.
Hotel WiFi Risks
A hotel WiFi network is often insecure because anyone can connect to it. While password-secured home WiFi creates an encrypted connection between a device and the router, this isn’t the case in hotels. This means that anyone with some basic hacking skills and easily available software can monitor the activity on any device that’s connected to the network.
The fact that hotels prove time and time again to be a valuable target to cybercriminals is especially problematic. Hotels become easy targets because of their lack of proper cybersecurity and the fact that millions of important people visit them daily.
Data breaches that take place in hotels compromise their guests’ email addresses, passport numbers, date of birth, and even their credit cards.
Public WiFi Risks
The situation is similar with any public WiFi. Primarily, it’s not uncommon for travelers, and locals alike, to be tricked into using the so-called “rogue” networks. Those networks are set up by cybercriminals to harvest the data from the devices connected to it. The only way to ensure that the network isn’t rogue is to check with the restaurant/cafe/other which WiFi network they’re offering.
Using public or hotel WiFi also makes travelers vulnerable to the theft of passwords and usernames. Man-in-the-middle attacks are also fairly common. Connecting to an open WiFi opens up the possibility for someone to intercept the connection between WiFi and the device, allowing them to monitor all the activity.
Hotels Leaking Personal Data
About 67% of hotels leak guest booking details and compromise their personal data. That data could include names, birth dates, postal addresses, phone numbers, credit card numbers, and more. This poses a great threat to all hotel guests.
The fault often lies in a hotel’s website. Advertisers on the website can not only easily track users’ browsing habits, but also get inside into the personal details that users leave on the site as well. Third-party services can take advantage of the vulnerabilities of a hotel’s site, log in to guests’ reservations, and steal their data.
Problems with Email Confirmations
The booking confirmation email can be another vulnerability point. Most confirmation emails contain a link that directs to a separate website where users can access their booking details.
The problem here is that the URL itself contains both the booking code and the guest’s email address. The link sent in the email isn’t encrypted so data can be easily shared with others.
Users are advised to check whether the link is encrypted and whether their email address is visible. It’s simple to notice this as unsecured URLs will contain the “http” protocol, while secure links will start with an “https” protocol.
Staying Secure Through a VPN Server
Most of the risks associated with hotel cybersecurity have to do with unsecured connections, and this problem can often be solved rather easily.
All guests should take their cybersecurity into their own hands and make sure to create a safe connection to any network. This can be done through a VPN server.
VPN, or Virtual Private Network, works to ensure that the connection between a wireless device and a network is completely secure. Primarily, a VPN server will hide the connection so that it isn’t visible to outsiders, and that even includes the internet service provider.
Then, it encrypts the connection. This is an added security measure that ensures that even if the connection is spotted, it cannot be broken into. With a VPN server, users can connect to any public or private network and protect themselves from eavesdroppers.
Cybersecurity shouldn’t be taken lightly, especially when traveling. Since most hotels don’t offer proper security measures, it’s up to the guests to do everything in their power to protect their devices and sensitive data.