For many, working from home has been a welcome break from their long commute and noisy office. However, depending on pets and family members, the home can be just as distracting.
Remote workers might be tempted to rent a hotel room for some peace and quiet to get some critical work done, but the FBI is warning that hotel Wi-Fi networks pose a security risk to you and your organization.
According to the agency’s advisory, hotels – especially in major cities – are advertising daytime room reservations for remote workers that need a quiet, distraction-free work environment.
“While this option may be appealing, accessing sensitive information from hotel Wi-Fi poses an increased security risk over home Wi-Fi networks,” the agency’s advisory says.
“Malicious actors can exploit inconsistent or lax hotel Wi-Fi security and guests’ security complacency to compromise the work and personal data of hotel guests. Following good cyber security practices can minimize some of the risks associated with using hotel Wi-Fi for telework.”
According to the agency, hotels are regular targets of cyberattacks because they hold records of guest names, their personal information and credit card numbers. Possibly hundreds of unaffiliated people all using the same network in a confined area poses a security risk in itself.
An attacker could easily monitor internet activity and redirect victims to fake login pages or create a phony hotel network designed to appear like the original to give attacker direct access to the guest’s computer.
Because hotel networks are built for customer convenience, they aren’t always the most secure networks.
In the advisory, the FBI detailed how users can tell if they’ve been hacked and what they should do, as well as steps to take to reduce risk while working from a hotel.
Those steps include:
- Using a VPN
- Use a mobile phone’s wireless hotspot instead of the hotel Wi-Fi
- Confirm the name of the hotel’s Wi-Fi network before connecting and only connect to official hotel networks
- Do not enable auto-reconnect while on a hotel network
- Confirm an HTTPS connection when browsing
- Avoid transmitting any personal data like banking information or social security numbers
- Ensure devices that connect to hotel Wi-Fi networks aren’t discoverable and Bluetooth is disabled
- Use multi-factor authentication
- Enable login notifications to receive alerts on suspicious logins