I remember a few months ago reading a computer security report conducted for a large international hotel chain. It was an assessment of the security of the various computer services that this chain provided for it’s guests. The report covered many areas, but the real headline of the document was what the security firm found on the hotel kiosk machines that were located across the hotel’s foyers.
You’ve probably seen these in many international hotels, computers at desks which for a small fee you can login to and surf the web, check your emails or sign in to your company network. However you’d be ill advised to do this on any of these computers because they were almost all riddled with malware and identity stealing software.
The infestation was shocking, the computers were all designed to steal and forward details of anyone using these computers. If you logged into webmail or any site which required a username or password these details would be forwarded to some remote server on the internet. These details would then be used by criminal cyber gangs to either steal directly or for identity theft purposes to obtain credit or goods in your name. Obviously because these were expensive international hotels, the users were often high worth individuals who conducted lots of financial transactions online.
There is a simple rule here to follow, never ever use another computer when you’re travelling particularly one which is in a public space like these lobby computers. You have absolutely no way of knowing whether they are well secured or riddled with viruses and the second option is usually the most likely.
However it doesn’t just stop there, even if you don’t use other peoples computers – it’s likely you’ll have to use someone else’s hardware. Every WI-FI access point you connect to, you are effectively trusting with your personal credentials. How much do you trust the security of that coffee shop wireless system ? They make great coffee, sure but how much do they know about securing internet access points?
Of course, you can’t do an in-depth security view of every facility before you use their internet connection and trying not to access sites which require logins whilst travelling is easier said than done. There is a solution though which can almost completely mitigate these risks from software I actually use to for BBC iPlayer Ireland, where it normally inaccessible. It’s a VPN program which routes your internet connection through a secure server whilst adding a layer of encryption. This means that even if cyber baddies are logging everything you don online through a hacked hotel access point, they won’t be able to actually see anything.
Informational Post – Irish IP Address