Back to Top

Welcome to Hackafe!


Public Wi-Fi risks for business travelers

Did you know that about 65% of business travelers are concerned about their companies' data safety while they are traveling? This is the result of a recent study which was commissioned by Carlson Wagonlit Travel.

According to CWT, the respondents were most concerned about having their laptops or mobile devices stolen or lost (29%) and about using a public Wi-Fi network (21%). And while these concerns are valid, the same study has highlighted that almost 40% of people have downloaded email attachments which were sent by unknown people.


There is some good news, though; most respondents applied some basic security measures the minute they became aware of a potential wireless security breach. Some people have shut down their computers, others have quickly notified their employers, and so on.

So, Wi-Fi security risks are serious, and business travelers have much more to lose in comparison with typical free hotspots users. Not only that, but researchers have recently discovered several serious security flaws in the WPA2 protocol, which was considered to be 100% safe until now. This means that virtually all the devices that connect to a wireless network are vulnerable. Here's what you can do to stay on the safer side while you are traveling for business-related purposes.

Let us begin by stating that for best results, you should avoid connecting to a public Wi-Fi network whenever it is possible to do so. I don't care if it's the airport's hotspot, your hotel's Wi-Fi network, and so on – just don't do it! Man-in-the-middle attacks are quite common these days; by applying this method, hackers are able to intercept the data that travels from your laptop to the company server, extract the network password using a tool that analyzes those data packets, and then attack the company network.

Many cyber villains will use a service set identifier (SSID) application to determine the name of your hotel's wireless network, for example, and then they will set up their own hotspot, which will have a similarly named SSID. And since most hackers are smart, they may come up with SSID names that persuade people to connect to their wireless networks. Once that is done, all the information that you are sending and receiving to/from the web will pass through their laptops.

For some strange reason, people tend to install and use poorly coded applications that allow file sharing on their devices. Don't make this mistake; if hackers manage to connect to the same wireless network, they will have access to all your shared data.

Others set up a fake wireless hotspot, asking you a small fee (one or two dollars) to access the Internet. They don't necessarily want your dollar, of course; they are much more interested in having you input your credit card information in their online forms, and then store it for further use.

If you really need to access a public hotspot, ensure that you connect to the company server using a virtual private network (VPN). In a nutshell, a VPN helps create a secure connection over the Internet. However, the best solution of all is to use a mobile device's Internet connection. Your phone can share its Internet connection through an improvised Wi-Fi hotspot or via tethering (the more secure option). So, if your company offers its employees uncapped data plans, it is going to be much easier to connect to its servers without relying on public Wi-Fi hotspots.

Google has forced the online world to move towards a more secure state by using its browser to label the less secure sites as "not secure". I'd dare to say that if a website can't afford or doesn't want to install a secure HTTPS certificate, it should never be visited. So, be sure to avoid any HTTP-based website; the data that you're exchanging with it, be it a user/pass combination, your credit card information, and so on, can easily fall into the wrong hands.

Don't forget that software and hardware need to be patched often. Therefore, do your best to keep your devices secure by applying the most recent security patches. Learn to do that regularly, and you will hopefully minimize any security risks.