Buy iPass

iPass Blog

Experts Raise New Security Concerns About Free Hotel Wi-Fi

By Dennis Jones


We might be at the height of the summer holidays. But cybercriminals have shown little inclination that they are planning to take a break. Instead, we’re seeing quite the opposite. By most metrics, cybercrime is on the rise. For instance, Verizon released a study documenting the acute rise in cybercrime involving ransomware, attacks in which hackers use malicious software to encrypt their victim’s data. Subsequently, hackers extort their victims for money to unencrypt that data. According to the Verizon report, published before the infamous WannaCry and Petya attacks, ransomware attacks increased by 50 percent over the course of 2016. But that’s not the only thing you have to be afraid of if you’re a digital native (or novice).

Summer travelers need also beware of free hotel Wi-Fi, which more and more hotels are offering as a complimentary amenity for their patrons. Recently, researchers from security firm FireEye have decried a new Russian cyber hacking technique being used to exploit free hotel Wi-Fi.

The Russian hacking group, Fancy Bear, also known as APT28, behind the DNC breach last summer, is using the leaked NSA hacking tool, EternalBlue, also exploited by the WannaCry hackers, to target high-value hotel guests on free hotel Wi-Fi hotspots. The hackers have first been cracking hotel Wi-Fi networks by sending phishing emails with infected attachments to hotel staff. When hotel staff opens these email attachments, they introduce Gamefish malware (no, I’m not making these names up) onto hotel computers. That malware then infects the hotel’s internal and guest Wi-Fi networks.

Just like with the DNC hacks, the point is to target high-profile guests. Guests using a malware-infected free hotel Wi-Fi hotspot expose their privacy and security, as hackers can obtain their credentials, usernames and passwords, without guests’ being any the wiser. The technique is reputedly so advanced that guests don’t even have to actively input their username and password for those credentials to be exposed, the malware simply harvests information in the background.

Last month, FireEye discovered this kind of malware activity in multiple European hotels and in one Middle Eastern, after having previously detected FancyBear hotel Wi-Fi hacking activity late in 2016, when an employee’s computer had been infected. It later came out that that employee had been on an compromised hotel network while traveling.

So what can you do as a traveler, as hackers’ reach extends deeper into the hospitality industry? The short answer is to stay off of free hotel Wi-Fi, which is inherently unsecure. In a blog, FireEye puts it this way, “Travelers must be aware of the threats posed when traveling – especially to foreign countries – and take extra precautions to secure their systems and data. Publicly accessible Wi-Fi networks present a significant threat and should be avoided whenever possible.”