Hotels are digitally dangerous places these days. And that's not idle speculation. Security researchers have been sounding the alarm on sophisticated attacks directed at hotel users for years.
Most of the earliest reports pointed to surgical strikes on high-profile executives or representatives of government agencies, but they could prove to be precursors for more wide-ranging attacks on the general public. Modern business travelers, with their treasure troves of files and personal information, will be prime targets, and they're also more likely to let their guard down after an exhausting journey.
Here's a look at some of the most likely avenues of attack on hotel goers, along with some suggestions that can mitigate, if not altogether block, such attempts.
Beware the hotel network
Without question, the greatest potential danger resides in the hotel network. Hackers have been known to infiltrate hotel networks to spy on traffic flowing through them or to plant malware at the captive portals users are automatically redirected to for authentication. One advanced scheme pushed malware via a software update that was designed to install on Windows PCs.
Rogue Wi-Fi access points (APs) represent another potential risk. By mirroring the network name, or service set identifier (SSID), used by the hotel, hackers can set up fake APs and trick victims into connecting to them. Such schemes open the door to man-in-the-middle attacks, and they let attackers snoop on unencrypted traffic and see the URLs of any SSL-protected websites people might visit. The threat of rogue APs certainly isn't limited to hotels, but business travelers are often high value targets that are easier to identify than staking victims out at crowded cafés.
An encrypted VPN connection is the only effective way to protect your data from snooping at the network level. Business travelers should make sure their IT departments set up VPN connectivity for access to their corporate networks, though they will still need to remember to connect to the VPN before surfing the web.
Cloud-based VPN services such as VyprVPN provide encrypted connections in addition to technologies that can be used to circumvent internet censorship in global regions. VyprVPN also offers clients for popular computing platforms such as Windows, OS X, Android and iOS, and it eliminates much of the configuration work that is required to get corporate VPNs up and running.
GoldenFrog.com: VyprVPN lets you access blocked Google search in China.
It's also good security practice to plug into a wired network port whenever possible, to reduce the risk associated with rogue wireless networks.
If you have more than one Wi-Fi device, a travel wireless router such as the D-Link AC750 portable router [ find it on Amazon - *what's this?* ] can connect to a wired network via its built-in LAN port and provide 802.11ac wireless connectivity. However, you should make sure to encrypt that network and secure it with a strong password. The D-Link portable router can be used to connect directly to another Wi-Fi network, as well, though using it in such a way will not offer protection against rogue APs. In any case, you should continue to use a VPN and only connect your wireless devices directly to a secured network.
Sign up for Computerworld eNewsletters.