Working from a hotel? Beware the dangers of public
Wi‑Fi
As more and more hotels are
turning rooms into offices, the FBI is warning remote workers of cyber-threats
lurking in the shadows
With the COVID-19 pandemic
forcing an increasing number of companies to shift to remote work, some employees working from home have been
struggling to find a quiet environment for work. The hospitality industry has
also been impacted by the pandemic, with more and more hotels across the United
States and around the world offering their empty rooms as daytime makeshift
offices for remote workers seeking to work in a distraction-free place.
Taking note of the trend,
the FBI’s Internet Crime Complaint Center (IC3) has issued an announcement warning about the
risks of using hotel Wi-Fi networks to access sensitive and work-related
information. “Malicious actors can exploit inconsistent or lax hotel Wi-Fi
security and guests’ security complacency to compromise the work and personal
data of hotel guests,” the Bureau warned.
Related
reading: Public Wi‑Fi security: Your questions
answered
Hotel guests connected to
Wi-Fi networks can be easy targets for cybercriminals, who can launch a variety
of attacks to target their victims. This includes infiltrating a poorly secured
network to monitor the victims’ traffic and redirect them to fraudulent login
pages. Another threat is posed by “evil twin” attacks, wherein the attacker
creates a malicious Wi-Fi network that carries a similar name to the hotel’s
network in order to dupe unsuspecting guests into connecting to it and providing
the black hats with direct access to the devices.
A threat actor could also
compromise the employee’s company-issued devices in order to gain access to
sensitive data stored on the device or to infiltrate the company’s network.
This could allow the hacker to comb through the company’s systems in search of
proprietary information, as well as implant malware such as keyloggers or
ransomware that could then propagate to other devices connected to the network.
“Cybercriminals can use
information gathered from access to company data to trick business executives
into transferring company funds to the criminal,” added the FBI when
highlighting the threat of Business Email Compromise (BEC) scams, also known
as CEO fraud.
Related
reading: 6 tips for safe and secure remote working
Remote workers who are
considering making the leap to working from a hotel would do well to ponder
additional risks beyond their control, such as the hotel’s approach to
cybersecurity or how it handles its network infrastructure. The
hotel-turned-office may be using outdated networking equipment that could
be riddled with vulnerabilities or it may not update and patch its systems often enough, any of which could provide
avenues for attacks.
However, if working from a
hotel room remains an attractive option, there are steps that employees can
take to protect their devices and mitigate the chances of falling prey to
cybercriminals while working on a public hotel Wi-Fi.
·
Using a Virtual Private Network (VPN) will help protect you from prying eyes by
encrypting your internet traffic.
·
Check to see
if your work device as well as any device you will be connecting to the hotel’s
Wi-Fi network have been updated to the newest versions of their operating
systems and that all recent security patches have been applied.
·
If possible,
avoid accessing any accounts or files that carry sensitive data such as
financial details.
·
While logging
into your accounts make sure that you’re using two-factor authentication, which will add an extra layer of security.
·
Instead of
connecting to the hotel’s network, you can use your smartphone to create a
mobile hotspot.