Travel WiFi Security Risk Prevention

Travel WiFi Security Risk Prevention

May 19, 2020 Travel Tech Blog 0

Common WiFi Risks and Prevention

Security Risks

All WiFi networks are essentially shared over the airwaves. Someone can literally pull any of the data packets out of the air. In fact, it’s so easy there is software that lets you do it. You don’t even need a special skill per se. Though if you are completely nontechnical you may still find it difficult or impossible to find anything useful. Note: sniffing WiFi that you don’t own or for purposes other than administration can be illegal in some places.

In addition to snooping risks, open WiFi networks could have compromised devices. If someone has a virus that uses the network to find other devices to attack, you instantly become at risk.

Even secured connections like those with SSL (green lock) are at risk. While less likely to be a problem, its not impossible for someone to be able to snoop the entire conversion. By doing so, they would able to potentially read your sensitive data. While SSL protocols are coming up with updated and stronger algorithms, many older types of SSL have already been broken.

Prevention

Despite all of these risks there are a number of ways to protect yourself when using public WiFi.

Use The Most Up To Date Web Browser

Sounds like common sense, yet corporate environments, application compatibility and poor update history means many people are using out of browsers. Even then, it isn’t until 2020 when most major browsers (Microsoft, Apple, Google, Mozilla) will phase with the riskiest forms of SSL mentioned above.

Prevention Level: Moderate to Low

This method will eliminate the riskiest opportunities to be snooper, but it won’t truly protect you.

Use a VPN service or a travel router with built in VPN

This is probably the best option. While it generally comes with a monthly fee, hardware or both; it’s the best way to ensure you can connect safely when traveling.

A VPN service will add an additional layer of encryption to your network traffic in addition to SSL. It secures the connection and creates what is called a “tunnel”.

VPN services often are more secure than SSL because they don’t need to be as compatible. They also offer the benefit of what is known as pre-shared keys. Pre-shared keys are more secure because the host and client (you) have a portion of the key needed to decode the communication prior to starting to communicate.

Prevention Level: VPN Service: Moderate; Travel Router (with built in security): High

This is probably the most ideal prevention method listed here. It should make it very hard for someone to snoop information from you. A VPN package does still leave you exposed to some types of virus attacks and malicious machines.

For complete protection use a travel router with built in VPN. This accomplishes a thing things VPN alone does not. First, you are not longer on the “shared” network. You are on a private network of the travel router. Second, the travel router will create a VPN tunnel to ride the traffic that goes over the public network.

The best travel routers will likely provide other benefits as well, such as improving the connection at these public places. In addition to being notoriously unsecure, they are notorious spotty and slow.

Finally, because your device is not on the public network, you have a very low risk of being attached by a compromised device. While the travel router could be at risk because its not a common device the opportunity and risk of it being hacked is very low.

Disable network browsing on your device (Windows PC)

If you are using a laptop you should always disable network browsing when you are an unknown network.

On Windows 10 you can disable network browsing by the following steps:

  1. Right click the Wireless or Network Icon in the lower right hand corner
  2. Select “Open Network & Internet Settings”
  3. Select Properties
  4. Under Network Profile Make Sure it is set to Private

While there you can double check your Firewall is active.

Prevention Level: Low

This will help with common types of browsing attacks, but sophisticated viruses and attacks may still be able to find and attack your machine.

Don’t Share Personal Information

While not always ideal, it’s always recommended that unless you choose a high prevent level you shouldn’t share personal information over public WiFi. Not to mention doing things like banking or paying with credit cards in public places carries other risks like social engineering and spying. These are not inherently technology related, but security is not just a technology problem.

Prevention Level: Moderate

This method won’t prevent someone from gaining information about you from non-sensitive information, the impacts of that tend to be relatively low.

Airport WiFi Risks and Prevention

Free airport WiFi is notoriously risky to use. Like most free public WiFi systems this is unsafe as it can get it. While free WiFi checks two of our favorite boxes: It’s free and it’s easy, it can be a dangerous combination.

Another challenge that makes Airport WiFi uniquely risky is the sheer number of people who pass through. This gives snoopers the ability to easily setup shop. It also means lots of opportunity for exposure to compromise machines.

Lastly, most Airport WiFi networks are run by third parties. The airport as little direct operational influence. And, unlike a large corporate coffee shop or restaurant chain, they have little in the way of brand impact. While you may stop using airport WiFi, you likely won’t stop using the airport. Contrast that with Starbucks, where a compromised network may mean you go to Dunkin Donuts. That directly impacts their brand reputation and bottom line.

You should specifically protect yourself by NEVER using their networks for personal and secure information. The only exception would be with a travel router. Even a VPN service alone, I’m not sure would be safe enough.

Coffee Shop WiFi Risks and Prevention

Coffee Shops, like Airports, are high risk environments because they easily enable snoopers. It’s common for people with computers to be at coffee shops for long periods of time. This allows snoopers to spend a lot of time snooping on a lot users.

In addition to snooping the high number of devices makes it a breeding ground for malicious software. While not as high risk as the airport, there are few other places with as much opportunity.

Coffee shops are also notoriously relaxed. It’s not uncommon for people to put their guard down. Other high risk security concerns at coffee shops are snatch and grabs of laptops and other valuables when you are not paying attention or leave things to go to the bathroom.

Finally, don’t expect the coffee shop workers to be highly aware of the WiFi network. Generally speaking these are operated by third parties with no local support. In fact, in many cases employees are discouraged from spending time on the network.

You should specifically protect yourself by NEVER using their networks for personal and secure information. VPN or travel routers are viable options for limited secure information. However, I would still suggest waiting until you are home to do anything highly sensitive.

Restaurant WiFi Risks and Prevention

Restaurants are somewhat unique in that they are both higher and lower risk than coffee shops or airports. This variation is due to the unique nature of how people use restaurants.

First, restaurants often have a lower opportunity for snooping than coffee shops or airports. This due to the fact that snoopers would stand out if they used a laptop for hours on end, day after day. However, don’t let this lull you into assuming it’s not a risk. Snoopers can act quickly if they see a target of opportunity. Also, many restaurant snoopers are actually outside in their cars, not in the restaurant.

Second, restaurants are higher risk for fact wireless networks than most locations. Restaurants present an excellent opportunity because restaurant WiFi is often lightly used. Further, many restaurants may not even have WiFi so setting up a dummy network using the restaurant names to appear “legitimate” is very easy to do. And you’d probably never notice the difference.

While this additional risk should give you pause, one bit of good news is few people go to a restaurant to pay their bills or do online shopping. I would highly advise you not do this. Even though resturants may be lower risk in some ways, it’s still a good idea to practice low use.

If you do need to use a restaurant WiFi and want to be secure – VPN and/or a travel router will provide you the safest way to use it.

Hotel Lobby WiFi Risks and Prevention

Hotel lobbies like coffee shops are ideal opportunities for snoopers. While they can’t usually stay as long without avoiding suspicion as they could at a coffee shop, it is very easy for them to blend into the other people working, grabbing breakfast and otherwise getting a few things done in the lobby.

Like coffee shops limiting the use of hotel lobby WiFi and avoiding any sensitive or personal information sharing is a must. This is another place where if you need to work or share sensitive information, a VPN service and/or travel router would be ideal.

Hotel Room WiFi Risks and Prevention

Hotel Rooms should be safe spaces. After all, you are in your own room and connected to what you assume is a secured network. Except in most cases, the network isn’t secured at all.

While snooping is a little harder because of the distances between rooms, its still possible for snoopers to work. This is especially true in smaller hotels where they can reach your WiFi network from the parking lot or lobby.

Hotel rooms are also high risk for malicious devices. Again, because rooms feel private those on the WiFi network with you may visit sites they wouldn’t. Visit malicious sites is the #1 way malicious software finds it way onto computers. Even if you didn’t visit, you could be at risk because that software can then use the network to attack you.

While if you are traveling and HAVE to do something that requires personal information, your hotel room is probably safer than any of the other public locations listed, it’s still far from safe or secure.

As with the others, in addition to regular prevention methods, a VPN service or travel router (with VPN) will be by far the best option to ensure you are secured.

Airbnb WiFi Risks and Prevention

An area many travelers take for granted is Airbnb WiFi usage. While many Airbnb hosts are individuals or small businesses with explicit directions and basic security on WiFi, there are a still considerations.

Also, these considerations hold true for any vacation rental. While Airbnb has popularized the idea, you can expect a similar experience with VRBO and numerous other vacation rental services.

The good news is compared to most of the WiFi networks listed here, these are generally the safest. In fact, most issues relate more to privacy than directly about security. But there are still risks and precautions to security to consider.

First and foremost issue with Airbnb’s are is generally privacy. Your host likely has a home grade WiFi setup, or potentially just the devices provided by the internet service provider (ISP). These have basic security. And while in most instances it won’t include any logging, the rise of cameras and other monitoring tools has made it easier for the host themselves to snoop.

And as a number of recent articles have pointed out, hackers know Airbnb WiFi is rarely reviewed. In some cases the hosts are not local or hire third parties with little or no oversight. So finding Airbnbs to hack are easy prey.

A few considerations with Airbnb WiFi:

  • You should always double check you are connecting to exactly the WiFi SSID provided by the host
  • If there are duplicate networks or ones “like it”, confirm with your host you are connecting to the correct one.
  • You should avoid entering personal information or passwords into the WiFi if you can help it. It may be impossible to take that week trip without checking on your bank or financial records, but it’s not advised if you can help it.
  • Never use their Smart TV or streaming device with your credentials. Either use the provided services or bring your own streaming sticks.

As with the others, we’d highly recommend using a VPN or travel router between your devices and the Airbnb WiFi. This not only reduces the risks of potential snooping, it will help ensure your host is not spying on your usage.

Airbnb Smart TVs and Streaming Devices

Another unique consideration of Airbnb’s is shared smart TVs and streaming devices. Many Airbnb’s provide a few streaming services as entertainment rather than carrying costly cable services.

These are great. However, if you want to use a service not provided by your host we recommend you NEVER enter your credentials into one of their devices to use another service. There is no procedure to clear usernames and it does potentially provide full access to your account.

Having a travel router will certainly make this easier to setup quickly in your Airbnb. However, unlike hotel WiFi because most Airbnb’s use home quality WiFi setups your streaming devices will generally work on their WiFi.