When you check in to a hotel, you assume that the company will keep you and your valuables safe by not sharing your room keys and providing a safe for your belongings. But a much greater threat could be lurking in your rented room – the free WiFi connection that most lodging providers offer.
We’ve already talked about the steps you should take when connecting to public WiFi networks in coffee shops, but many people still fail to apply these basic safeguards to hotel Internet browsing. This is a huge mistake! Hotel WiFi networks suffer from many of the same security weaknesses as unsecured coffee shop networks. Not only do these networks increase your susceptibility to “man in the middle” type attacks that compromise your personal information, the FBI and the US Internet Crime Complaint Center (IC3) report that instances of malicious software attacks on hotel-connected laptops are on the rise.
According to the IC3: “In these instances, the traveller was attempting to setup the hotel room Internet connection and was presented with a pop-up window notifying the user to update a widely-used software product. If the user agreed to install the update, malicious software was installed instead.”
No matter what specific type of threat you’re concerned about when it comes to hotel WiFi security, the basic preventative measures remain the same:
But what if you happen to be staying at a hotel that secures its networks by offering router encryption and a password that’s given only to guests? Sorry to burst your bubble, but you’re still not safe.
To understand why, consider the two types of router encryption that hotels might offer – wired equivalent privacy (WEP) and WiFi protected access (WPA).
The WEP protocols are dated and offer very little in the way of digital security, as they’ve been in service for more than 15 years. And although both the WPA and WPA2 certification programs were developed to compensate for the weaknesses of WEP, they’re still not fool-proof. They can be cracked in most cases, and are nearly useless anyways if the hacker in question is also a guest at your hotel with the same network access you’ve been granted.
And finally – sorry to burst your bubble, but the wired Ethernet connection your hotel offers isn’t any more secure than its wireless networks.
Most wired hotel networks are local area networks (LAN) – a protocol that’s more than 30 years old. Originally developed in the mid-1970s by Xerox, LANs were intended to be used internally by business or other groups of people. And because there was no reason to anticipate malicious behavior within these groups, LAN configurations were built without appropriate security protocols in place.
To make matters worse, an estimated 20% of hotels in the US use a type of LAN known as a “hub configuration,” which involves sending all of a network’s data to every computer that’s connected to the group. In its original incarnation, LAN computers were only supposed to listen to the data intended for them, which – again – isn’t an issue when all members of a network can be trusted.
In hotels, though, random guests can switch their network cards to “promiscuous mode” and view all of the unencrypted information being sent throughout the LAN. If you aren’t careful, this information could include personally identifying information, passwords and sensitive documents that shouldn’t fall into the wrong hands.
Although there are other types of LAN configurations in use in hotels, the thing you should take away from this article is that no hotel network – whether wired or WiFi – is truly safe from hacking attempts. Instead, it’s up to you to take the security measures necessary to protect your data. By installing a VPN, locking down your system and being careful about the types of information you share, you can minimize the stress of traveling by keeping your data safe.
Join over 650 million users already enjoying absolute Internet Freedom around the world by downloading Hotspot Shield VPN.
We don't store or share your IP address