"Hotel Wi-Fi is designed for easy and frictionless access," says Stephen Moody, Solutions Director, EMEA at ThreatMetrix. "Devices are connecting to insecure, non-encrypted Wi-Fi networks." The bottom line is this: use hotel Wi-Fi and you may be open to scams, hacks, viruses and malicious software attacks.
What's wrong with Wi-Fi?
The very nature of Wi-Fi, with traffic from all mobile devices broadcast loudly over the airwaves, makes any public Wi-Fi network insecure. "With a cheap Wi-Fi adapter and some free software anyone can listen in on all conversations your phone or laptop is having with the outside world," says Glenn Wilkinson, senior security analyst at SensePost.
"In general terms hotels have not implemented a network with business class segmentation," says Paul Leybourne, Head of Sales at Vodat International. "Many hotels also do not restrict the sites that guests can view, which leaves them wide open for external people to access."
Public and hotel Wi-Fi doesn't use WPA. "Any device that is connected to hotel Wi-Fi is effectively sending all data in clear-text, allowing a remote attacker to identify and extract information," says Adam Tyler, Chief Innovation Officer of CSID.
Why is hotel Wi-Fi considered especially risky?
"The sophisticated security systems usually in place on corporate networks are not present on these kind of connections," says Moody, who maintains that it's easier for cybercriminals to execute Man-in-the-Middle (MitM) and Man-in-the-Browser (MitB) attacks due to the lowered security standard.
A recent report from Cylance found a critical vulnerability in the ANTlabs InnGate product used by hotels. "This software vulnerability affects 277 hotels across 29 countries," says Andy Crocker, CEO of cyber security company Protect2020. "The vulnerability gives attackers the ability to monitor and tamper with data traffic from Wi-Fi connections and gain access to hotels' property management systems."
Who's intercepting hotel Wi-Fi?
Hotels are 'dirty' because of who's staying in them – you. "Hotel networks are very lucrative targets for cybercriminals," says David Emm, Principal Security Research at Kaspersky Lab, which last year published details of the Darkhotel espionage campaign that targets C-Level executives while they stay in luxury hotels.
"The criminal gang compromises hotel Wi-Fi networks and then waits for a victim to logon to the network, before tricking them into downloading and installing a backdoor, which in turn infects the device with spying software," says Emm.
This is the 'Evil Twin' hack. "Hackers set up a fake network to mirror the real, freely available one, users unwittingly connect to the fake network, and then a hacker can steal account names and passwords, redirect victims to malware sites, and intercept files," says Steve Fallin, Senior Product Manager at NetMotion Wireless.
Tools like the Snoopy drone and Mana can automate these attacks and target a large number of people simultaneously. "They have the ability to profile your device and figure out where you live and work," says Wilkinson, who invented the Snoopy drone to prove how easy it is to emulate a Wi-Fi network and trick smartphones into connecting to it – and then steal data.
"Unless your data is encrypted and sharing is turned off hackers are free to rifle through all of the data on your device or whatever is passing through your connection," says Fallin. The lesson is simple; assume all alien Wi-Fi networks are insecure.
Are some hotels riskier than others?
Absolutely – the higher class of guests, the better chance that hackers are about. "Hotel Wi-Fi comes with a particular risk as it is a likely concentration of valuable targets like business travellers," says David Chismon, senior researcher at MWR Infosecurity. "Upmarket hotels are still more likely to have high-value targets such as executives while Wi-Fi in business class lounges is also a highly tempting hunting ground for attackers."