Soon it will be time for the spring bank holidays, and a few weeks later, the holidays, with all the relaxation, beaches, and seaside hotels that entails. But while some are relaxing, others are working, and not necessarily for the benefit of the former. Here are a few tips to ensure your hotel, campsite, or restaurant Wi-Fi connection doesn't turn into a nightmare.
Public Wi-Fi is not secure
Public Wi-Fi networks, such as those offered in hotels, pose significant risks to user security and privacy. Often poorly secured, they can be exploited by cybercriminals to intercept data exchanged between the user's device and the internet. This practice, called a Man-in-the-Middle attack, is defined in its cybersecurity dictionary by the French National Cybersecurity Agency (ANSSI) as an attack where a malicious actor intercepts a data exchange in a way that is concealed from users or systems. The connection is maintained, either by replacing the transferred data or by re-injecting it. This allows the attacker to retrieve login credentials, passwords, or banking information.
Furthermore, some hackers set up fake Wi-Fi access points that mimic those in hotels to trick unsuspecting guests. Once connected, the user unintentionally exposes their personal data. Public networks can also facilitate the installation of malware on devices by exploiting security vulnerabilities or encouraging the downloading of infected content. Finally, the lack of encryption on some websites exacerbates these risks, making information visible to any malicious individual connected to the same network. Therefore, using public Wi-Fi without taking precautions can seriously compromise travelers' digital security.
Not all Wi-Fi networks present the same risk
The first party responsible for protecting you is the Wi-Fi network owner. In addition to obligations regarding the retention of technical and personal data, the CNIL explains that the network owner must also ensure network security at a level appropriate to the existing risk, take measures to prevent or limit the consequences of security breaches for users, and ensure the security of the devices necessary for user identification and authentication for providing internet access
.
It's difficult to know if each public Wi-Fi network you use during your stay, whether at a hotel, restaurant, or other public place, is secure. It's recommended to avoid connecting to unknown or untrusted wireless networks. The CNIL (French Data Protection Authority) recommends always asking the business owner for the network name. Indeed, it's very easy for a hacker to create a Wi-Fi access point in a restaurant's name, then intercept all the traffic passing through it and steal the data you exchange with an e-commerce site, or even obtain your bank details and account login credentials.
Avoid exposing your sensitive data on public Wi-Fi
Since public Wi-Fi networks aren't always trustworthy and you don't have a cybersecurity expert readily available, you should avoid transmitting your sensitive data unencrypted over public Wi-Fi. This can be done either by using networks other than public Wi-Fi or by ensuring that your data is securely encrypted. The CNIL (French Data Protection Authority) recommends prioritizing your mobile operator's 3G/4G network, HTTPS websites, and using a VPN, preferably a paid one or one you've installed yourself at home on your personal connection. Many solutions are available, such as ExpressVPN on your iPhone.
These precautions will allow you to enjoy your trip without any unpleasant surprises upon your return, such as discovering that your digital identity has been hacked. These are also good habits to adopt for all your daily online activities.
