FBI Warns of Wi-Fi Attacks Targeting Teleworkers at Hotels Due to COVID

FBI Warns of Wi-Fi Attacks Targeting Teleworkers at Hotels Due to COVIDFBI Warns of Wi-Fi Attacks Targeting Teleworkers at Hotels Due to COVID

The Federal Bureau of Investigation (FBI) recently issued an announcement encouraging Americans to exercise caution when using hotel wireless networks (Wi-Fi) for telework.

The announcement – in-part – states, “FBI has observed a trend where individuals who were previously teleworking from home are beginning to telework from hotels. US hotels, predominantly in major cities, have begun to advertise daytime room reservations for guests seeking a quiet, distraction-free work environment. While this option may be appealing, accessing sensitive information from hotel Wi-Fi poses an increased security risk over home Wi-Fi networks. 

“Malicious actors can exploit inconsistent or lax hotel Wi-Fi security and guests’ security complacency to compromise the work and personal data of hotel guests. Following good cyber security practices can minimize some of the risks associated with using hotel Wi-Fi for telework.”

Hotels always an issue

Unfortunately, this doesn’t surprise us. Hotels have always been a prime spot for criminals to try to gain access to mobile devices – even at hotels hosting mobile security conferences. 

As smart as mobile devices are, devices search for networks and can inadvertently connect to a spoofed network (if the user has been to the hotel before) or show the spoofed network to the user. Per the FBI note, “Criminals can also conduct an ‘evil twin attack’ by creating their own malicious network with a similar name to the hotel’s network. Guests may then mistakenly connect to the criminal’s network instead of the hotel’s, giving the criminal direct access to the guest’s computer.”

The FBI note goes on to say, “Connecting personal or business devices to the hotel’s wireless network may allow malicious actors to compromise the individual’s device and then access the business network of the guest’s employer. Once the malicious actor gains access to the business network, they can steal proprietary data and upload malware, including ransomware. Cybercriminals or nation-state actors can use stolen intellectual property to facilitate their own schemes or produce counterfeit versions of proprietary products. Cybercriminals can use information gathered from access to company data to trick business executives into transferring company funds to the criminal.”

We are the answer

Our solution – zIPS – the same solution the Department of Defense (DoD) is using to deliver comprehensive Mobile Endpoint Protection (MEP) to the unclassified devices of servicemen and women around the world – will protect and detect these types of network attacks. 

Zimperium, the global leader in mobile device and app security, offers the only real-time, on-device, machine learning-based protection against Android, iOS and Chromebooks threats, including the detection of device, network, phishing and malicious app attacks. 

To learn more

To read the entire FBI announcement, click here. To learn more about how we can help, click here

FBI Warns of Wi-Fi Attacks Targeting Teleworkers at Hotels Due to COVID

Source

Related Articles

New Advanced Android Malware Posing as “System Update”

Another week, and another major mobile security risk. A few weeks ago, Zimperium zLabs researchers disclosed unsecured cloud configurations exposing information in thousands of legitimate iOS and Android apps (you can read more about it in our blog). This week, zLabs is warning Android users about a sophisticated new malicious app. The new malware disguises … Read More

The post New Advanced Android Malware Posing as “System Update” appeared first on Zimperium Mobile Security Blog.

GriftHorse Android Trojan Steals Millions from Over 10 Million Victims Globally

Research and writeup by Aazim Yaswant and Nipun Gupta With the increase of mobile device use in everyday life, it is no surprise to see cybercriminals targeting these endpoints for financial crimes. Zimperium zLabs recently discovered an aggressive mobile premium services campaign with upwards of 10 million victims globally, and […]

The post GriftHorse Android Trojan Steals Millions from Over 10 Million Victims Globally appeared first on Zimperium Mobile Security Blog.

5 Steps to Stronger K-12 Chromebook Security

As a second installment related to October’s Cybersecurity Awareness Month, we wanted to highlight the fact that we’re two months into the new school year and focus on the mobile security implications of both the hybrid and in-person models that educational institutions are grappling with protecting.  While so many educators, […]

The post 5 Steps to Stronger K-12 Chromebook Security appeared first on Zimperium Mobile Security Blog.