Wifi inflight: beware of security issues

Wifi inflight: beware of security issues

As inflight wifi becomes more prevalent, travel agents and their clients are being warned that extra care should be taken when going online in the air.

October is Cyber Security Awareness Month and international company NordVPN has released a document outlining issues with inflight internet.

‘The dangers of public wifi are already well known but the security issues of inflight internet connection are still somewhat obscure. In 2015, there were already 52 airlines worldwide offering in-flight internet,’ the company says. (Air New Zealand has signalled its intention to introduce the service next year.)

It points out there is no password protection on the wifi connection so anyone can intercept all data that is being transmitted on the wireless network.

‘Thus while it is great to go online while you are in the sky, connecting to Gogo or another provider might mean you are giving your private data away to cyber criminals. Airplanes are unique hacking grounds, more dangerous than airports or coffee shops, as they cram passengers in one small space for hours. This gives plenty of time and opportunity for hackers to access all data that is being transmitted over open networks.’

NordVPN recommends travellers designate the Public network setting (not Home or Work) and make sure they are connecting to the wifi network offered on the flight and not a ‘look-alike’. It says travellers should also utilise a VPN service that encrypts all the traffic flow between the internet and a device and helps hide an IP address.

Locally, Steve Mutton of apx travel management, says inflight wifi needs to be treated in much the same way as other unsecured public wifi like libraries and cafes. ‘You need to always assume that it is completely open to access by other parties and so be extremely aware of what you are transmitting. Our advise is to always ensure you have appropriate encryption software on your device before connecting to any of these public wifis – inflight included.’

Mutton says working on a flight has another ‘unspoken security issue’. ‘That is shoulder surfing, and that's regardless of wifi being available or not. The close quarters in a cabin (particularly the economy cabin) means that whatever you are working on is visible to at least three or four others around you. ‘When working in those conditions you need to be aware that whatever you are working on is not going to be confidential, regardless of whether those around you want to see it or not.’

Keith Sumner, managing director of Gilpin Travel, says that travel agents need to assess where they stand in advising clients on such issues. ‘It is important that while we are aware of a lot of these issues, we don’t have people seeing us as an IT advisory service.’

He says the travel trade could find itself offering warnings and advice on virtually anything, from inoculations to criminal activities, terrorism acts and much more. That is something that should be avoided.‘For things like this (cyber crime) customers will be looking at expert advisors and that includes their own IT manager. Our role is to highlight that this is an issue, rather than try to suggest and find solutions.’

Connected in the air: no more ‘me-time’

Being connected to the job even while flying is not necessarily all good for doing business efficiently, says Steve Mutton, chief financial officer of apx travel management.

‘An airline flight is really the last bastion of when someone can be truly off the grid,’ he says. ‘As inflight wifi becomes more prevalent, that me time, or down time, is quickly disappearing. This could have quite an effect on the state the traveller is in at the end of a flight – particularly a long haul one.

‘It’s also been shown that the brain really needs to relax when travelling to ensure the traveller is in the best possible shape to deal with jetlag and time zone changes – being ‘always on’ and working during a mid to long haul flight doesn’t allow the brain to relax and adjust to a new time zone.

‘The interesting piece for corporates in all of this is how to manage the expectations of always being contactable (no matter what) and balancing that with the duty of care they owe to their travellers.’