Airport Wireless Networks – Not As Safe As You Think

Layovers, transfers and flight delays are more tolerable these days thanks to airport wireless internet networks.

Business travelers can use time between flights to catch up on emails, holidaymakers can upload photos, and Netflix helps to pass the time. Have you ever wondered about how safe your information is when you’re using airport wifi? Like in any crowded place, hackers and criminals can steal your personal information through unsecure wifi connections and unencrypted websites.

It’s time to learn how you can protect yourself when using airport wifi.

Some airports have been shown to have more secure networks than others. Even in the most cyber security-aware terminals, it pays to be aware of airport wireless internet threats. Some airlines also offer in-flight wifi. These are often unsecured networks that do not require a password to connect.

They are as vulnerable as free coffee shop wifi, but the isolation of the flight sometimes lulls travelers into thinking they are safe from attack. Treat public wifi connections on the ground and in the air with a healthy dose of caution.

Airport wireless network threats

Scammers work hard to fool tired and distracted airport travelers. They hope that you aren’t looking too closely when you see the list of available networks (also called SSIDs). Here are the most common ways hackers try to steal your information when you connect to airport wifi.

Evil Twin

Watch out for ‘evil twin’ networks. Fake network hotspots are common in high-traffic areas. Hackers name the fake networks with very similar names to authentic connections. Watch out for capitalization, changed numbers and special characters (Airport_WiFi vs airportwifi1). Many providers display the correct network name on posters, walls and even in public bathrooms – take a moment to verify before connecting. If you connect to a hacker’s wifi network, all your data will pass through their hands.

Honeypot

Some scammers launch so-called ‘honeypot’ wifi networks that lure unsuspecting travelers with SSIDs like Free_WiFi or FREE-Internet. It’s much better to take a moment to connect to an official wifi network, even if you must pay for it. Unsecured, ‘free wifi’ will often push your internet activity directly to the scammer’s own laptop.

Most official networks ask you to agree to terms and conditions after you connect but before you can access the internet on your device. If you’re not asked to agree to terms and conditions,  this could be a sign that you’re not actually connected to a genuine airport wifi and could be in danger. If you’re not sure you can ask airport staff for the official wifi SSID or choose not to connect.

Unsecured networks

Even official networks can be dangerous if not properly configured. If a hacker manages to take control of an airport wifi router, they can redirect you to phishing pages or sites containing malware, often using a man-in-the-middle attack like DNS poisoning. Don’t assume that airport wifi is properly secured, because many fall short.

Popups

Be wary of pop up windows that offer to update your software while you are connected to the airport network. This is very likely to be a malware trap. If you accept the update you may be downloading viruses, ransomware or other types of malware. Decline all opportunities to run updates on public wifi networks.

Ways you can protect yourself

There is never any guarantee that your data will remain private when you use the internet. There are ways to make your connections more secure. A little planning before you leave for your trip could save you a lot of hassle later on.

Before you leave for your trip, use your home or company wifi network to make sure your computer is up to date with antivirus and any firewall requirements. This will give your device the best line of defense against known threats.

Use a VPN

Virtual Private Networks create an encrypted ‘tunnel’ that protects all of your data from being read by data sniffers – eavesdroppers. If you travel for business, you may find your work device already deploys one of these. (If they don’t, speak to your IT team about getting one). Private VPNs are available to download online. Some are free or low-cost – read online reviews to see which one is right for you. It won’t take long to familiarize yourself with how VPNs work, and your data will be much safer because of it. Both ExpressVPN and NordVPN score highly on review sites.

Disable print sharing, airdrop and Bluetooth

Some Apple devices make it easy to share files, documents and images using airdrop, a wireless broadcasting connection. If you don’t want to make your information available to other nearby Apple devices, turn it off. Bluetooth is also more secure than it used to be but should also be disconnected where possible to reduce any risks of hacking. Your device might have a setting that treats the wifi as ‘public’ rather than a home network and automatically disable sharing and other network features.

Visit HTTPS websites

Before 2017, many of the top-visited websites did not encrypt their information, which meant anyone with the right tools could ‘sniff’ the data being transmitted across wireless connections. Now, over 70 of the top 100 visited websites are HTTPS secured. If you look at the top left-hand corner of your address bar in this browser, you should see a small closed padlock. This means the website is encrypted. People attempting to read the data you transmit will see the domain name but not the specific page address, nor data you enter or search for. This is often enough privacy for most people. Extra caution may be warranted when the domain name alone indicates interest in a sensitive subject that you may not want made public. The level of privacy each person demands is different, and there are levels of privacy protections available to reflect that.

Avoid entering personal details

Even though HTTPS protocols make most public internet use safer than ever before, it is still wise to act as if hackers are watching you. There are other methods unscrupulous people can use to try and steal your personal data. Never enter banking passwords or credit card details, for example.

Disconnect when possible

Depending on your usage, you may be able to connect to the wifi, get your task done and then disconnect. The less time you spend connected to the network the less risk you expose yourself to.

Use your phone hotspot

If you have a good data plan, you may be able to use your smartphone’s data via a wi-fi hotspot. You avoid using the airport wifi altogether, although you will need to decide how much data you’re willing to burn.

Forget the network when you’re done

When you are finished with the airport wifi and you don’t want to connect again, use your device settings to forget the network. This will stop your device from automatically connecting to the network without your express permission in the future.

Following the tips above can help you stay safe and avoid becoming the prey of hackers during your next stop at the airport.

Author: Richard Patterson

Share This Post On

Submit a Comment