You travel often for business, staying in hotels–but your information is at risk by hackers lurking on hotel Wi-Fi. You need a plan to secure your sensitive data against attacks, and that’s where we come in. Today, we review the best VPNs to encrypt your hotel Internet connection and block out third-party snooping and hacking.
Criminals are after corporate data and they’ll stop at nothing to get it. After all, data has become the main asset of many organizations. So, they’ve set up bases in hotels in order to gain access to corporate data through the devices that employees carry when travelling for business. If you’re travelling and using your devices to connect to your corporate network from your hotel room, make no mistake you are the target of hotel hackers. Fortunately, there’s something you can do about it.
Shield your identity and data from hotel hackers with these uncrackable VPNs:
- NordVPN – Best vs. Hackers – NordVPN is the most secure provider on the market, with sophisticated encryption and failsafes that crush the hopes of would-be hotel hackers into dust.
- Surfshark – A clever new VPN with cutting-edge tunneling protocols, blanket obfuscation, and customizable settings per Wi-Fi network.
- ExpressVPN – Extremely robust network that doesn’t force you to sacrifice speed for security. Rotating IPs, kill switch.
- CyberGhost – Offers a plain-language option to “secure Wi-Fi” for maximum security with minimal tech knowledge needed.
- PrivateVPN – Routes your data through its 100% self-owned network for enhanced privacy and performance.
- PureVPN – Military-grade encryption, tens of thousands of spoofable IPs, and even anti-malware.
We’ll start off our journey by having an in-depth look at what hotel hacking is. You’ll see how it is common and easy to exploit the flaws of networks and computers to gain access to corporate networks. And once a hacker has gained access to a corporate network, there’s no limit to the damage they can do. We’ll also see how the ubiquitous WiFi that we all come to expect and take for granted in our hotel rooms has made it even easier for hackers. Next, we’ll get to protecting against hotel hackers and how Virtual Private Networks can help with that followed by a brief review of some of the best VPN services you can use for that purpose. Finally, we’ll have a look at the history of hotel hacking for no other reason than to satisfy our curiosity. Finally,
Hotel hacking–What is it and how is it done?
When you travel and stay in hotels, you can unknowingly facilitate access to your work network by ill-intentioned individuals or organizations. A leading category of cyber attack involves hackers getting into company networks from where they can steal information and alter documents. This type of attack, called Advanced Persistent Threats (APT), requires an entry point and unsuspecting employees with company computers and smartphones give these hackers the access point that they need.
Hotels are convenient places for APT hackers because they’ll find a never-ending flow of computers and other devices with corporate network access from all over the world. Even vacation hotels are a good spot for hacking into company networks. This is due to this bad habit many of us have to always want to stay in touch with the office. The device that will give hackers the access they seek doesn’t need to belong to the company, it just needs to be connecting to the corporate network.
If your business sends staff abroad for meetings, sales pitches, training, or consultancy, you need to make sure all of the devices that they will potentially use to access the network are protected against infiltration.
Using WiFi for hotel hacking
A key method of access used by intruders is provided by hotel WiFi systems. A hacker can easily create a fake WiFi hot spot to attract hotel guests to connect to it. Many of the visitors may unsuspectingly carry out their usual activities while connected to the data gathering hacker’s hot spot, potentially exposing your corporate network access credentials, effectively granting them access to the corporate network.
Hotel hackers have now gotten up to speed with WiFi networks and they no longer need to get into your room to get onto your computer. Another simple method they can use is to tell you to download new software when you first connect to the hotel network. This is an evolved form of the spy-technician scam of previous years. Today, keystroke logging and controller programs get downloaded either as necessary connection software or masqueraded as updates for software that is already present on the computer.
Cybersecurity provider, Kaspersky Labs, reported in 2014 on their discovery of a hacking group from South Korea, called Darkhotel, which specialized in getting spyware onto the computers of guests in hotels. The group had operations enabling them to install spyware remotely over WiFi networks in several hotels in North and South Korea, Japan, Bangladesh, Thailand, India, Russia, Mozambique, the United States, the United Arab Emirates, Ireland, Italy, and Germany. The group uses a “man in the middle” method to get access to the computers of hotel guests. This type of scam is usually achieved by creating a fake WiFi hot spot that passes through all traffic onto the genuine hotel network, but monitors outbound traffic and injects in its own downloads of self-installing spyware.
Protecting yourself from hotel hackers
Security experts have one consistent piece of advice for protecting against hotel hackers: when you travel to “risky regions” such as China, Russia, the Baltic States, and even South America, you should leave your gadgets at home. Hackers can sneak app and operating system updates onto your phone and laptop while you walk around or sleep.
RELATED READING: Phone apps track every move you make, here’s how to fight back
Even if you are unlikely to connect to the office network, when you get back, Trojans and spyware can get carried back home with you on your smartphone. Once you arrive back and call a friend, you may just have launched a computer virus epidemic that will cripple hospital machinery all over your country and put lives at risk.
If you really have to take your computerized devices with you, install extra security and privacy software to protect them. Remember that you are particularly vulnerable in your hotel because that’s where foreign secret service operatives and state-sponsored hackers have set up intrusion procedures.
The strongest protection you can get is one step up from security — this is privacy. Virtual private networks not only secure the contents of your connections, they even protect all of the behind-the-scenes messages that computers and smartphones use to create connections. The technology that makes behind networks and the internet is complicated and not many people know about it. However, hackers in North Korea, China, and Russia receive government funds which give them large budgets to invest in research. Foreign hacker corporations are constantly finding new ways to get into company networks, steal data, shut down utilities, and cause havoc. So, installing a VPN before you go away on vacation is not only a precaution, it’s your patriotic duty.
READ ALSO: Best VPN for Small Businesses
How VPNs keep you safe
A VPN can help you by building a tunnel between your computer or other device and the VPN server. All data in and out of your device is forced to go through the tunnel where strong encryption makes it undecipherable. Hackers won’t see what you’re doing and where you’re going and will most often simply switch to trying to hack a different guest.
So, you need to make sure that you install a VPN on your laptop and all your connected devices before you check into a hotel. All of the VPNs reviewed below work well to protect your privacy from hackers. Make sure you set up your VPN to provide maximum coverage. Most VPNs have a settings page right within the client app. Look for a setting that causes the VPN to connect as soon as the computer starts up. Also, look for a setting called “kill switch” that will block all traffic should the tunnel ever go down unexpectedly and another one that sets up automatic WiFi protection and turn them on. Finally, turn on all malware and tracker blocking options that your software provides.
These settings should prevent hackers from getting into your computer by turning it on remotely. The VPN will block all internet access as soon as the computer boots up and provide full protection against hijacking. Similarly, if for some reason, the VPN connection gets dropped, no further internet access is possible until the VPN is re-engaged.
Finally, here are a few more features you should be looking for when selecting a VPN provider. It should have no data throughput or usage time limits. You want to be able to connect for an unlimited amount of time and transfer as much data as you need. Your provider should, of course, offer strong security like all of those on our list do. They should also offer WiFi protection since this is now the primary intrusion method used by hotel hackers. And finally, they should let you protect all of your devices under a single account.
What are the best VPNs to protect against hotel hacking?
After searching the market for some of the best VPN service providers here are five that we highly recommend. They all provide a good amount of security, have all the required features and will do an excellent job of protecting you against hotel hackers.
NordVPN is one of the oldest VPN providers. It has been around for over a decade and its ongoing popularity is still going strong, thanks in part to its huge server network and excellent value for the money. The provider’s servers fleet is impressive and it is one of the largest over 5,800 servers in 59 countries. Having so many options means you’re unlikely to encounter geo-restrictions. Furthermore, this is a VPN that guarantees 99.9% uptime. While the company has been criticized in the past for suffering from speed issues, it is a thing of the past as NordVPN has deployed fruitful efforts to solve that.
NordVPN provides 256-bit encryption on OpenVPN with 2 048-bit Diffie-Hellman keys as standard. The service also offers several additional useful security features including a kill switch and shared IP addresses. Privacy is the provider’s strongest point and being based in Panama means they are free to not retain any user information whatsoever. Other unique features include double VPN servers (where your data is encrypted twice and rerouted through two successive VPN servers for extra protection) and Onion over VPN servers (where your data is redirected through the TOR Network as well as a VPN for even better security).
Read our full NordVPN review.
- Optimized servers for unblocking Netflix
- Mind-boggling number of servers
- DNS leak protection, kill switch
- Extra-secure Double VPN for data encryption
- 24/7 Customer Service.
- Not much
- Apps can sometime be slow to connect.
Surfshark is an ideal choice for frequent travelers looking for a way to boost their security on hotel internet. Not only is it affordable, but it offers some advanced functionality you won’t find elsewhere.
For example, you can tailor specific VPN settings to different Wi-Fi networks. That means you can optimize Surfshark for speed and perhaps more relaxed security at home, while putting defenses up to maximum when connecting to public hotspots. What’s more, you have the best range of protocols to choose from, including OpenVPN, IKEv2/IPSec, WireGuard–all encrypted with the unbreakable 256-AES-GCM cipher.
Additionally, there is IP/DNS/WebRTC leak protection, a kill switch, plus automatic obfuscation every one of their 3200+ servers in 65 countries to confound would-be hackers. Moreover, Surfshark purges any trace metadata of your activity with their RAM-only servers, per their strict no-logging policy.
- Bypass government censorship with NoBorders mode
- Torrent safely on any server, no guesswork required
- Clean, dead-simple app interface makes constant security a no-brainer
- Zero logging policy ensures your activity can't be used against you
- Responsive customer support available 24/7.
- Growing network doesn’t have same coverage as more mature VPNs
- Relatively young VPN still has to prove itself trustworthy over the long haul.
Read our full Surfshark review.
ExpressVPN is one of the fastest VPNs and considering today’s media-intensive apps such as Netflix, you know speed is important. This provider offers consistent speed across all its servers and it does so without compromising security. But more important to that task at hand, it seems like this provider does an excellent job of staying under the radar when it comes to connecting to Netflix or other streaming services with similar practices.
ExpressVPN uses resilient encryption standards like OpenVPN connections encrypted with 256-bit AES as default. The service’s 4 096-bit DHE-RSA keys are protected by an SHA-512 hashing algorithm. For an excellent level of privacy, this provider only retains minimal individual data. It is based in the British Virgin Islands and is, therefore, not legally required to retain any user data at all. The client app features a “network lock” which is equivalent to other provider’s kill switch that further protects your privacy by blocking all network traffic if the VPN connection ever drops, which is a rare occurrence with such a reliable provider. Although ExpressVPN may not be the provider with the largest number of server and the most server locations, what it lacks in number of servers, it makes up for in speed and quality.
ExpressVPN’s client applications are available for most platforms and are very beginner-friendly. And if you do encounter an issue, the providers offer 24/7 customer support. I had one to use the live chat support and received a reply within a few seconds.
Read our full ExpressVPN review.
- Unblocks American Netflix, iPlayer, Hulu
- Fastest servers we have tested
- Torrenting/P2P allowed
- No logs for personal data
- Great support (24/7 chat).
- Expensive month-to-month plan.
CyberGhost is another immensely popular VPN provider. It made our list because the service works great and delivers what’s expected. This provider has over 6,000 servers in 87 countries. Among these, 999 servers are located in the US. This makes CyberGhost an excellent option to unblock many kinds of American geo-blocked content such as Netflix or other streaming services while ensuring a high level of security. Security-wise, this is a high-quality service that should provide excellent protection against hotel hackers.
By default, CyberGhost uses the OpenVPN protocol with 256-bit AES Encryption and 2 048-bit keys. For ultimate security, the provider also uses perfect secrecy. By generating a random key for each session, intercepting the connection is made much harder. Furthermore, the provider has a strict zero-logging policy; it doesn’t even keep user’s email addresses. Instead, it chose to have purchases processed by resellers so the only personal information it ever has about its users is their usernames. Other important features of the service include the ubiquitous Internet kill switch that will automatically disconnect your network if the VPN connection goes down as well as DNS and IP leak protection. As for the VPN client apps, they are available for Windows, Mac OS, iOS and Android.
Read our full CyberGhost review.
- Works with American Netflix
- Fast, constant speeds
- Not in the 14 Eyes
- Private: Strong no logs policy
- 24/7 Live Support.
- WebRTC IPv6 leak in macOS
- Sometimes experiencing average speeds.
PrivateVPN, the next entry on our list, is another excellent provider. Using this VPN, you will be able to safely stream, surf, download content from the web, and connect to your office network while being protected from hotel hackers. It can also let you simply check social media accounts or your e-mail with full anonymity and from anywhere. The two most Important features of the service are its speed and its ease of use. It is one of the best VPNs for general daily use. As for the client software, it is available for smartphones, desktop and laptop computers, and even Fire TV, a great advantage if this the platform you’re using to watch Netflix content, and it boasts a lightweight and easy to use interface. This provider is a great option for anyone who wants to use a VPN but doesn’t want to have to deal with complicated interfaces.
PrivateVPN’s network is comprised of over 150 servers in 60+ countries. While this is no match for some of its competitors’ hundreds if not thousands of servers, the provider seems to be doing a good job of remaining unnoticed by Netflix. This is a provider that can deliver the speed, the security, and the location variety that you’re looking for. On the security front, it uses 256-bit AES encryption and it keeps your connection safe with the usual automatic kill switch and DNS leak protection. Furthermore, the supplier has a zero logging policy on all traffic for an excellent level of privacy.
Read our full PrivateVPN review.
Last on our list is PureVPN, a VPN supplier which is known for its fast and unrestricted access to the internet. Don’t let its ranking lead you to believe it is not good. After all, it is in the top five. The provider has a large network of 2,000+ servers in 140+ countries. They’re almost everywhere. In addition to locations, PureVPN offers speedy connections, strong encryption algorithms, a zero-logging policy, unlimited bandwidth, DNS leak protection, and a quick kill switch to make sure your data always stays safe from hotel hackers in case the tunnel ceases working unexpectedly.
As far as encryption goes, PureVPN leaves nothing to be desired and uses only the best. The provider uses top-of-the-line, military-grade (up to) 256-bit encryption to protect and safeguard user’s data from falling into the wrong hands. Furthermore, it offers all the latest security and connectivity protocols. Those include OpenVPN, L2TP/IPSec, PPTP, SSTP, and IKEv2. The usability of a VPN is closely related to the client application it comes with. To that effect, PureVPN writes its own software for all major platforms, giving you an excellent integrated experience.
Read our full PureVPN review.
A brief history of hotel hacking
In the good old days, hotel hacking required physical access to the target device. Business and government travellers to China report that they would often leave their laptops and phones in hotel rooms while they went out for dinner. Upon returning to the United States, network administrators found that their devices had extra hardware installed into them. Dan Harris from China Law Blog, for example, reports a group of people returning to their rooms and catching people accessing their computers while in Tokyo, Japan.
The US authorities have been warning their citizens about taking internet-active devices to China since the 2008 Olympics in Beijing. Former US National Counterintelligence executive, Joel Brenner, is still on a mission to inform the public about the risks in China. He claims that the networks in hotels in China are monitored and manipulated by the Chinese secret service.
The physical access invasion which occurred in hotels evolved when started to offer in-room internet access and again as WiFi became popular. However, hackers and security officials alike did not develop WiFi intervention methods immediately. In the beginning, hotel internet systems were typically used as a ploy to allow spies to gain access to the electronic devices of foreigners by invitation.
As you can see, hotel hacking has long been a serious threat, and it has turned into something ever-more sophisticated and sinister. If you travel a lot for work or leisure, you owe it to yourself to shell out a couple of bucks a month for solid VPN protection. By encrypting your Internet connection, you can stay invisible on public Wi-Fi hotspots commonly offered by hotels.
Do you travel often to high-risk countries, and if so, have we convinced you to get a VPN before booking that hotel? Why or why not? Leave us a comment below.
If you need a VPN for a short while when traveling for example, you can get our top ranked VPN free of charge. NordVPN includes a 30-day money-back guarantee. You will need to pay for the subscription, that’s a fact, but it allows full access for 30 days and then you cancel for a full refund. Their no-questions-asked cancellation policy lives up to its name.