Being on the road is typically a stressful affair. Travelers have to worry about making their flight connections or booking reservations to a hotel or restaurant. Just being in an unfamiliar area can make some people anxious. Unfortunately, when sorting out these issues, some travelers don't think about the cybersecurity threats that they may be facing.
Many businesspeople use public Wi-Fi networks when on the road. This practice is particularly unsafe, since hackers can use fake hotspots to break into their targets' computers. Even when a network is legitimate, hackers can still spy on a target's web connection, hijack their data, and infect their computer with malware.
Many hackers have begun to focus their efforts on hotels, since they are typically full of traveling executives. These businesspeople are considered to be high-value targets since they may possess access to company bank accounts or sensitive information. Experts have already uncovered a number of sophisticated cyberattacks that targeted hotels and their guests.
Kaspersky Lab, one of the world's leading cybersecurity firms, announced in November 2014 that it had discovered an advanced cyberthreat that targeted several luxury hotels. The threat, which the firm called "Dark Hotel," went unnoticed for 7 years before being uncovered by Kaspersky. Although the attacks were predominantly focused on East Asian countries, researchers discovered instances in the US, Germany, and Ireland as well.
Each Dark Hotel attack began with hackers compromising a hotel's Wi-Fi network. After a guest at the hotel connected to the compromised network, the hackers offered them "updates" to well-known software like Adobe Flash Player. These "updates" contained malware that allowed the hackers to take control of the guest's computer. The malware also included a keylogger program that the criminals used to steal usernames, passwords, and other important pieces of information. They also used phishing techniques to spread their malware, specifically by sending malicious email messages to governmental and nonprofit organisations.
These attackers were quite skilled, as evidenced by the fact that they used previously unknown vulnerabilities in major applications. They were also very careful about not getting caught. Their malware was designed to remain inactive for 6 months after infecting a computer. This made it very difficult to discover. It also had a self-destruct protocol, so researchers would have trouble studying it after detection.
Attackers can also use hotels' vulnerable IT equipment as part of their attacks. These vulnerabilities can be very severe, as the Cylance cybersecurity firm showed in March 2015. The company announced that it had discovered a major vulnerability in a popular network router used by hotels and convention centers around the world. Hackers could have exploited this vulnerability to compromise a hotel's Wi-Fi network, and infect any computers connected to the network with malware capable of stealing data and personal information. The router's manufacturer quickly released a patch that fixed the problem, but the case demonstrated just how insecure hotels' Wi-Fi networks can be.
Compromised wireless networks are not the only cybersecurity threats that one can find at a hotel. Infected computers also represent a serious threat to travelers' online safety. One case in Dallas, Texas, was so severe that the US Secret Service and the Department of Homeland Security had to publish a warning about the threat. The case involved hackers that used keylogger programs on the public computers in the business centers of several major hotels in the area. The authorities noted that even though the attacks required relatively little skill, the hackers were still able to successfully steal a large amount of data, including guests' personally identifiable information (PII) and the login credentials to their online bank accounts.
The Dallas attacks show just how important it is to avoid online banking on public computers or unsecured Wi-Fi networks. Travelers are especially guilty of breaking this rule while on the road, with many of them connecting to public wireless networks in airports, coffee shops, convention centers, and hotels.
If you need to access your email inbox while traveling, create a throwaway email address and use your smartphone to forward the relevant message or messages to the throwaway email address. This lets you keep your regular email account safe from hackers.
When traveling, make sure that your computer doesn't automatically connect to unknown Wi-Fi networks. Similarly, avoid visiting any websites that are not secured by HTTPS. The encryption provided by this communications protocol protects web traffic from hackers. You can also use a virtual private network to encrypt your web traffic.
You should be using multi-factor authentication measures as well. These tools require you to use multiple forms of identification — such as your password, your fingerprint, or a code sent to your smartphone — in order to access your accounts. This ensures that even if a hacker manages to steal your passwords, they still won't be able to get into your accounts.