An unsecured public network is an attractive target for cybercriminals.
Since the coronavirus pandemic forced the switch to remote work, many people began to work not only from home, but also in public places. The problem is that public spaces may lack the stringent security measures required to protect sensitive data. This applies to libraries, cafes and even hotels. The FBI has issued a warning about the risks of using a wireless network in hotels.
Passwords from wireless networks in many hotels are not secret and are rarely changed. In many cases, network access can be easily obtained, for example, using a combination of a room number and a password. In addition, the hotel may have outdated network hardware and software with vulnerabilities that criminals can easily exploit. Even if the hardware is updated, it remains unknown whether the router's firmware was updated or the built-in password was changed.
Such a public network is an attractive target for cybercriminals, who can track the victim's activity on the Internet or redirect him to phishing pages. Attackers can even deploy their own malicious network using a name similar to the hotel chain name. Visitors mistakenly connect to a malicious network that gives the attacker direct access to their devices and data.
Once compromised, hackers can penetrate the victim's employer corporate network and gain access to sensitive data, download malware, or deploy ransomware.