You may have seen articles at CNBC.com, TravelPulse and elsewhere this week warning travelers of the dangers of connecting to public Wi-Fi at airports. These posts cite data from cybersecurity firm Coronet that ranks the airports where you're mostly likely to be hacked when connecting to Wi-Fi. That list includes:
- San Diego International (SAN - San Diego, California)
- John Wayne Airport-Orange County Airport (SNA - Santa Ana, California)
- William P Hobby Airport (HOU - Houston, Texas)
- Southwest Florida International Airport (RSW - Fort Myers, Florida)
- Newark Liberty International Airport (EWR - Newark, New Jersey)
- Dallas Love Field (DAL - Dallas, Texas)
- Phoenix Sky Harbor International Airport (PHX - Phoenix, Arizona)
- Charlotte Douglas International Airport (CLT - Charlotte, North Carolina)
- Detroit Metropolitan Wayne County Airport (DTW - Detroit, Michigan)
- Logan International Airport (BOS - Boston, Masachusetts)
Why so dangerous?
Hackers may set up public networks that look like the official airport Wi-Fi, using a similar name and even an acceptance page that looks official. The Wi-Fi agreement/acceptance page itself could be designed to collect personally identifiable information about you if there's a form to fill out, or it could even install malware on your device when you click the accept button. Once you're connected to a dangerous network, any data that you send and receive - from business emails to login credentials for your email or bank accounts - could be stolen.
It's not just malicious networks you need to worry about. Depending on the architecture of the network and whether or not it's encrypted, even legitimate public Wi-Fi can be vulnerable to eavesdropping on your data.
Not just airports
Although airports are the topic of today's discussion, it's important to note that using public Wi-Fi anywhere - at your hotel, at a coffee shop, in the park, at the gym, etc. - could leave you vulnerable to the same compromises.
I need my Wi-Fi! What should I do?
Slow down. Take a deep breath. Pay attention. Think about what you're doing and how you're doing it. Rushing and hurrying with technology and skipping over the details is a part of human nature (particularly for business travelers) that hackers rely on. See this article on social engineering in corporate travel.
Look for trusted information on the official Wi-Fi at the airport. This may be on signage, on the airport's official website or at an airport information kiosk. This information on airport Wi-Fi and the best way to connect to it can help you to determine which of the dozens of available networks is the one you should connect to.
If your device has a setting that allows you to automatically connect to public Wi-Fi networks (most do), disable that right now! You don't want your laptop to accidentally connect to a malicious network before you have even had a chance to look at it.
Maintain a good password strategy. Use passwords that are not easily guessed, with varying capitalization, special characters and numbers. Use different passwords for each account so that, if a hacker should obtain your credentials for one, they won't be able to access them all. Store them in a reputable password manager to keep track of them.
Don't enter your personal information into sites that aren't encrypted. Look for the lock icon and sites that start with "https:" in the title bar.
Use a VPN. Your company may offer you a Virtual Private Network with which you can connect to access sensitive files and send communication. This network will encrypt all traffic between your device and the network, and between the network and the rest of the internet. If your company doesn't have one there are a number of reputable 3rd party VPNs on the market for reasonable prices. You can also bring a travel router along. They perform a similar function and give you an extra layer of protection when you're connecting to public networks. Read this post for more.
Monitor your credit and your accounts frequently. We're in an era in which cyberattacks happen with regularity. Identity theft happens. Even the most prepared, security-minded individuals can become a victim if they've interacted in any way with other people, businesses and networks. Keeping a close eye on your personal information and watching for irregularities can help you minimize the damage should it occur.
For a much more detailed look at this topic, download Travel and Transport's E-Book entitled Cybersecurity & Privacy for Business Travel.