On October 6, 2020, the Federal Bureau of Investigations (FBI) issued a warning to consumers about using WiFi when teleworking from a hotel.
The FBI acknowledges that many workers are having difficulty working from home during the pandemic due to a host of issues. According to the FBI, “U.S. hotels, predominantly in major cities, have begun to advertise daytime room reservations for guests seeking a quiet, distraction-free work environment.” As a result of the increase in the use of hotel rooms for work purposes, the FBI is warning consumers about using hotel WiFi to conduct their work.
According to the FBI’s announcement, “[M]alicious actors can exploit inconsistent or lax hotel Wi-Fi security and guests’ security complacency to compromise the work and personal data of hotel guests. Following good cyber security practices can minimize some of the risks associated with using hotel Wi-Fi for telework.”
Here are the recommendations from the FBI announcement:
“RECOMMENDATIONS FOR REDUCING THE RISKS OF HOTEL WI-FI
- If possible, use a reputable Virtual Private Network (VPN) while teleworking to encrypt network traffic, making it harder for a cybercriminal to eavesdrop on your online activity.
- If available, use your phone’s wireless hotspot instead of hotel Wi-Fi.
- Before travelling, ensure your computer’s operating system (OS) and software are up to date on all patches; important data is backed up; and your OS has a current, well-vetted security or anti-virus application installed and running.
- Confirm with the hotel the name of their Wi-Fi network prior to connecting.
- Do not connect to networks other than the hotel’s official Wi-Fi network.
- Connect using the public Wi-Fi setting, and do not enable auto-reconnect while on a hotel network.
- Always confirm an HTTPS connection when browsing the internet; this is identified by the lock icon near the address bar.
- Avoid accessing sensitive websites, such as banking sites, or supplying personal data, such as social security numbers.
- Make sure any device that connects to hotel Wi-Fi is not discoverable and has Bluetooth disabled when not in use.
- Follow your employer’s security policies and procedures for wireless networking.
- If you must log into sensitive accounts, use multi-factor authentication.
- Enable login notifications to receive alerts on suspicious account activity.”
These are solid recommendations for workers to follow and for companies to share with their employees.