The Federal Bureau of Investigation is advising caution when using hotel wireless networks (Wi-Fi) for telework.
FBI has observed a trend where individuals who were previously teleworking from home are beginning to telework from hotels. US hotels, predominantly in major cities, have begun to advertise daytime room reservations for guests seeking a quiet, distraction-free work environment.
Accessing sensitive information from hotel Wi-Fi poses an increased security risk over home Wi-Fi networks. Attackers can target hotels to obtain records of guest names, personal information, and credit card numbers. Malicious actors can exploit inconsistent Wi-Fi security to compromise the work and personal data of hotel guests.
Following good cyber security practices can minimize some of the risks associated with using hotel Wi-Fi for telework.
FBI recommendations for reducing risks include:
- If possible, use a reputable Virtual Private Network (VPN) while teleworking to encrypt network traffic, making it harder for a cybercriminal to eavesdrop on your online activity.
- If available, use your phone's wireless hotspot instead of hotel Wi-Fi.
- Before travelling, ensure your computer's operating system (OS) and software are up to date on all patches; important data is backed up; and your OS has a current, well-vetted security or anti-virus application installed and running.
- Confirm with the hotel the name of their Wi-Fi network prior to connecting.
- Do not connect to networks other than the hotel's official Wi-Fi network.
- Connect using the public Wi-Fi setting, and do not enable auto-reconnect while on a hotel network.
- Always confirm an HTTPS connection when browsing the internet; this is identified by the lock icon near the address bar.
- Avoid accessing sensitive websites, such as banking sites, or supplying personal data, such as social security numbers.