So, you have finally reached your hotel.. What is one of the first things you are eager to do? Connect to the WiFi!
Yet, how often do we consider the security of the hotel's WiFi connection? In 2007, the first spate of 'DarkHotel', targeted malware attacks via hotel WiFi networks began. These targeted attacks consisted of the attackers infiltrating the hotel WiFi networks, and uploaded malware. This malware would then present itself as a software update once the hotel guest connected to the WiFi network. Accept the update, and it is quite literally "game over". The software update is a masqueraded virus, consisting of a key-logger; enabling the attacker to gain access to your user credentials, and potentially your bank details.
'DarkHotel' has returned, and is no longer "targeted". Instead of targeting only the wealthy and high profile travellers, the attackers are casting their web much wider, in an attempt to hack as many users as possible; therefore gain as much confidential data as possible.
We advise that users implement the following, if possible:
- anti-malware and anti-virus
- multi-factor authentication
And if at all possible, refrain from using publicly accessible WiFi to access sensitive and personal information.
A seemingly innocuous stay in a hotel could result in disastrous security breaches for business travelers and the companies they represent