Lack of concern when using hotel Wi-Fi could place users at risk, security experts warn
Most hotels now offer internet access to their visitors and it’s something that many of us take advantage of to get online when travelling. But we rarely stop to consider the privacy implications.
In a recent survey we asked 2,512 thousand people about their internet access when staying in hotels.
The vast majority (94%) do connect to hotel Wi-Fi when it is available. And why not? Hotel Wi-Fi is often free and may be faster than mobile internet. And if there’s no mobile signal it might be the only option for broadband access.
But 58% also said they do not worry about being monitored when using a hotel’s internet service. This could be a risk to privacy, and could even expose private data to criminals, some of whom are now attacking hotel Wi-Fi to gain access to data from high value targets.
According to our survey the most popular uses for hotel Wi-Fi are email and web browsing, followed by social media. And a small but significant number (26%) also said they used it for work. Many of these activities will involve logging into secure systems and accessing confidential information.
Being targeted by professional criminals is probably not a concern for many of us, but that doesn’t mean you shouldn’t take precautions. Casual hackers could take advantage of weak Wi-Fi security to intercept data, something which is scarily easy to achieve with minimal knowledge using free tools.
There are also wider privacy issues which affect everybody. Hotels might be recording information about user activity. And Daniel B. Brown, security consultant at Farrpoint, says that hotels could profit off this by selling to a data broker. “Data-Brokers like Acxiom have over 1500 pieces of information on over 700 million consumers and it is very likely you will be one of those 700 million.”
Aside from the security and privacy problems, our survey also found a few areas where hotels could improve Wi-Fi service for customers.
By far the biggest complaint about hotel Wi-Fi was the speed, but hotel Wi-Fi users also had problems with signal strength, hassle with logging in, and the requirement to provide personal information in order to get online.
Hotels might have good reasons for gathering information about customers, but with the introduction of new data protection laws next year they will need to think carefully about how the information is used and stored, or risk severe fines for breaching the tough new rules.
Five tips for protecting yourself on public Wi-Fi
While there are risks you don’t need to stop using public Wi-Fi hotspots completely. Here a few ways to improve security and privacy and avoid common pitfalls.
1. Use a VPN
Virtual Private Networks (VPN) provide an encrypted link to the internet. When using a VPN your data is hidden from prying eyes, whether that’s a hacker or the internet service provider. Our guide to VPNs will show you how to use these handy services.
2. Make sure you’re connected to the right network
One trick hackers use to fish for victims is setting up a fake wireless access point which looks like the real thing. When connecting to any Wi-Fi network make sure the name is exactly correct.
3. Only transmit private data on secure web sites
If you’re logging into a web site or sending private information make sure it’s using HTTPS - this is typically indicated by a padlock symbol in the URL bar - otherwise the communication could be intercepted by anyone listening in on the network. When using sites without HTTPS assume your activity is being recorded and act accordingly.
4. Disable file sharing
Make sure devices are not set to allow file sharing over the network, or you could unintentionally grant other users on the network access to your files. On Windows head into the Network & Sharing Center. On Mac OS these settings are found in Sharing under System Preferences.
5. Keep all your software up to date
You should be doing this anyway, but when using public Wi-Fi it’s especially important to ensure you’ve got the latest operating system and security software patches. Download and install these before you leave home.