Here are some useful Tips on Preventing such an attach from happening to you:
- Never Browse Sites which contain Sensitive Data on a Public WIFI Connection without Using a Secure VPN (Virtual Private Network) Read Below for more information on VPN's.
- Make sure that the WIFI Network you are accessing in a Hotel or Public Establishment is Security Enabled (The Network is Security Enabled if you are required to enter a password to connect to the WIFI Network)
- If you ever receive a Pop-up after connecting to a WIFI network asking you to agree to a "Terms of Service", make sure that you ask the Hotel Staff if the Pop-up is legitimate and that they require a Terms of Service Agreement to be accepted in order to use their Internet Connection.
- If you do receive a Pop-up that looks suspicious, make sure you DO NOT click anywhere within the Pop-up Window. Close the Windows Immediately by clicking the "X" on the top right hand corner of the dialog box (or Pop-up screen)
- Disable or Block File Sharing on your Computer
- Enable the Windows Firewall or a Third Party Firewall on your Computer prior to accessing a Hotel or Public WIFI Network
- Use File Encryption when Sending Files to Anyone
- Use a Virtual Private Network Client on your Computer (Give us a Call at (717) 961-6207 for Questions or Help Installing a VPN - Virtual Private Network)
- Make sure your Computer is Updated with the latest Software and Hardware Updates from Microsoft or Apple.
- Make Sure your Anti-Virus is Up to Date
- Check for a secure login page before you sign in. Most hotel wireless access points require you to submit your name, room number or other personal information. Look for an address starting with "https://" to ensure the login page is encrypted to protect your personal information.
What is a VPN and How can Setting One up Help me?
By using a VPN, all of your communication is encrypted between your laptop and the VPN’s remote server.
For Help Securing your Personal Computer and Setting up a Secure Browsing Environment suitable for Public WIFI access, call us at (717) 961-6207.
So how would a Hacker go about Gathering my Personal Data?
There are several ways to hack hotel LANs, but two the two main ones carry the colorful names of “promiscuous monitoring” and “ARP spoofing.”
Promiscuous monitoring can be used on hotel networks which use a “hub” configuration, which passes everyone’s communication thorough the same cable. (Only about 20% of hotels use this technique, but you have no way of knowing whether they do or not.) So all a hacker has to do is turn on an option in his “network interface card” to listen “promiscuously,” and the communications from every hotel guest can be captured and stored on his laptop.
Almost every laptop, whether PC or Mac, has the ability to do this. It only takes a bit of software that, naturally, is readily available on the Internet.
“ARP spoofing” is more insidious yet also more esoteric as it is very difficult for the hotel to protect against. (That is one reason why most hotels actually have two LANs – one for their internal business, the other for guests.)
With ARP spoofing a hacker convinces the network his laptop is actually that central node with the Internet connection, so all the guest’s communications are re-directed to through him. This is called a man-in-the-middle attack. He can store your communication – or even modify it if he wishes – before sending it on to the Internet. Chances are, no one will ever know what happened. At least until the next credit-card billing cycle.
The only way to protect yourself in hotels, whether using wifi or a cable connection, is to use a VPN