In-flight Public Wi-Fi: Is It Safe?

With US-based airlines leading the industry in in-flight wifi, it’s becoming a more and more present feature on flights. However, what are the steps being taken in protecting users on these in-flight wifi hosted servers? Is it possible to be hacked while in a plane? It is an important question, and we hope to have an important answer.

In-Flight Wifi: A Trend on the Rise.

Wi-Fi is becoming ever more ubiquitous, and rightly so. After all, we're not only more connected now, but we're also toting more and more mobile devices that require an Internet connection for full functionality (or just to give your data plan a much-needed break!). Public Wi-Fi helps us stay connected wherever we are, helping us to work, communicate, and entertain ourselves. There are few places where one can feel as unproductive, isolated, or bored as on a plane during a long flight; so, it's unsurprising that more and more airlines are offering in-flight Wi-Fi. Robert Albert, the CEO of Routehappy, points out that "Wi-Fi is one of the most sought after, new amenities flyers want to access on their flights, and there has been significant investment by airlines since our last report." More than 50 airlines worldwide now offer in-flight Wi-Fi. International travellers have about a one in four chance of having Wi-Fi available; for domestic flights, the chance skyrockets to two out of three. Great news, right? Well, mostly. Sure, you're going to catch every one of Kim Kardashian's tweets and you won't miss a single Snap from your buddies, but you're also potentially exposing yourself to some serious dangers. Hackers love the fish-in-a-barrel aspect of in-flight Wi-Fi. Not only do they know you're stuck in an airplane, they have a very good idea of when you're going to connect or disconnect based on flight schedules. That gives them ample opportunity to try multiple methods to infiltrate your devices or intercept your information.

How Hackers Intercept Your Internet Traffic.

So, just how easy is it for a hacker to get your information over in-flight Wi-Fi? That depends on a number of factors, but the sobering answer is that it is very, very easy if you don't take precautions. And, most people don't. If you select "home" when you connect to a new network out of habit, you're telling your device that file sharing with anyone on that same network is A-OK. You've basically put out a welcome mat for hackers. However, even if you're more conscientious than that, there are other ways for hackers to get access to your traffic on in-flight Wi-Fi. There are devices such as the Wi-Fi Pineapple that are able to spoof the connection you really want, and insert themselves as a router between your device and the airline Wi-Fi. So, that means that even if the airline's Wi-Fi itself is secure, your information isn't, because it's being intercepted. Wi-Fi Pineapples are getting smaller and easier to hide all the time; one could easily reside in a carry-on bag or even a purse. And no, the Wi-Fi Pineapple doesn't look particularly ominous, so don't expect the TSA to catch on. Plus, a pocket-sized Pineapple only costs about $100.00, not much of an obstacle for someone who's probably a pro at stealing bank and credit card information. In-flight Wi-Fi has increased by 179 percent in the last several years, and you'd better believe that the number of hackers (and the frequency of their hacking) is trying to keep pace. It's bad enough that as users, we frequently don't take the precautions we should, but the problem doesn't end there. What's even more troubling is the fact that the providers aren't taking the necessary precautions. GoGo, which is the most popular provider of in-flight Wi-Fi in the United States, has been fraught with security problems. For example, GoGo attempted to limit video streaming by issuing fake SSL certificates for certain sites… but the method turned out to affect users' security in other instances as well, like when visiting sites that have optional video streaming. Another issue is router security. If the person in charge of installing and maintaining the router didn't think to change the default password, it can sometimes be possible for a hacker to attack the router directly, gaining access to every passenger's Internet traffic.

What You Can Do to Protect Yourself.

Here are a few tips you can use to improve your security when using in-flight Wi-Fi:

1.) Stay connected to secure websites: SSL and Https.

Read and verify SSL certificates. It's very difficult for hackers to break the encryption that SSL provides, but it is markedly easier for them to find a way around it. Do yourself a favor and make sure that the certificate is there to start with, and that a trusted source issues it (the website you're visiting).

VPN: Protection at any altitude.

Use a VPN (Virtual Private Network). A VPN is a great way to increase your data security, especially when using public Wi-Fi, in-flight or otherwise. A good VPN encrypts your traffic before it's sent, and then sends it through a channel known to be secure. The great thing about using a VPN is that if a hacker does somehow overcome all obstacles and intercept your traffic, he won't be able to understand or use any of it. Companies like us, ZenMate, have software and apps that can protect you regardless of what device you're currently using. Whether you're catching up on work email or getting your YouTube fix, you're safe and secure.

Knowledge is prevention: be aware of ‘Man in the Middle Attacks’.

This one may seem overly obvious, but make sure you're actually connecting to the right network. A hacker can provide a hotspot paired with other devices to "fool" your device into thinking it's a known network. If you're just allowing yourself to connect to open Wi-Fi networks without checking on them, you're practically asking for trouble. Remember, being cautious isn't just about making it impossible for a hacker to intercept your information; it's really about making it harder. Hackers, like everyone else, prefer their "job" to be easy. Toss in some encryption, difficult passwords, and a VPN, and you've made yourself an extremely unattractive candidate.

Share this