WiFi Security at your Hotel

Discussion created by pingreeman on May 29, 2018
Latest reply on May 31, 2018 by globaltreker

The greatest security risk is using WiFi in your hotel room, airport, or local hot-spot coffee shop. There are tools that hackers use that can "build a bridge" between the hotel's WiFi service and your laptop and this bridge can capture every one of your keystrokes including passwords, bank account information, etc.


The hardware that creates the bridge is commonly known as a wireless network auditing tool and can be found for around $100. Establishment of the "bridge" creates a rogue access point which is a wireless connection installed on a secured network by a malicious attacker. The bridge actually will re-transmit the hotel's WiFi network name where most unsuspecting folks will log in no questions asked.


In the diagram, below, the "Cafewifi" just under the internet cloud is the legitimate modem. The small "walkie-talkie" looking device is the bridge hardware that intercepts and changes the WiFi channels from the legitimate #6 to the rogue #11 but to the end user sees no difference - just the network name. Now that all communication travels through #11 via the hackers laptop (aka "man in the middle"), his software records your every move and can even plant viruses or Trojans on your laptop. Imagine him turning on you laptop's built in cam while you are getting out of the shower - yes, he can do that once he has you linked.


Related image


At this point everyone reading this post is asking "how do I prevent this from happening?" Unfortunately, there is nothing you can do unless you OWN the network (the hotel, for example). The biggest problem is that every device that could potentially log in to the hotel's WiFi network would have to have the device's IP registered for authorization on the hotel's WiFi - a task most hotels do not wish to address. It would also make you need to register your IP for each device at check-in or some other way to give your electronic gadgets permission to access the WiFi.


Short of the above, I strongly recommend you never use hotel WiFi for anything you are not willing to share with the world - obviously bank accounts, logins/passwords, etc. How about company email? Ask yourself if there would be any harm if your email (and archive) on your laptop would be OK to post it all on the internet for all to read?


Easiest thing to do - - - if you have sensitive data or commerce you must attend to in your hotel room, use your cell phone and the cell provider's network (do not WiFi the cell phone - you can get bridged). The cell network is much more secure and hackers would need to spend upwards of $25K for cellular communications to be "bridged." Virtually not done by hackers as there are just "too many fish to catch" using a $100 device.


Best solution --> every laptop bag should pack a 10-foot LAN cable to connect between the hotel room's cat5/6 outlet and your laptop - and don't forget to turn off the WiFi.