The availability and use of WiFi onboard commercial aircraft is rapidly increasing, but network-security experts question whether consumers are adequately being made aware of the potential security dangers connectivity presents.

At the end of 2015, U.S. airlines offered at least spotty connections on flights representing 78% of their available seat miles, according to an annual report produced by the flight-amenities merchandising platform Routehappy. That represented a major jump from 2013, when Routehappy, using a slightly different metric, found that WiFi was either available or in rollout on just 47% of U.S. flights.

But experts said that while more connectivity is surely a good thing for flyers, especially for business travelers, it's important they be on guard when using airplane WiFi.

"The easiest way to look at this is that it is a public network, and public networks in general are not secure at the level of a sophisticated hacker," said Richard Blech, CEO of the cyberdefense firm Secure Channels. "If there is someone on the aircraft that wants to get into the network, they are going to get into the network."

Opinions vary as to whether aircraft WiFi is less secure than the typical public WiFi network. Blech said it is, noting that onboard an airplane, users of computers and devices are especially vulnerable to being spied on the old-fashioned way: people looking over someone's shoulder.

But Blech also said that because flights concentrate people tightly in a confined space for a fixed amount of time, their WiFi networks are inherently easier to target than the network of a typical venue on the ground.

"You've got three to five hours locked in, and everyone's stationary," Blech said. "That's a world of time for a hacker."

In contrast, John McGloughlin, CEO of tactical security services firm GuardSight, said the risks of using WiFi on a plane are similar to the risks on other public networks. Hackers, he said, will likely find it more time-effective to target venues that don't require boarding an airplane.

"Think about the target audience on an aircraft," he said. "What do you get, 130 to 300 people? Think about the number of targets in the world."

Still McGloughlin, who said GuardSight has done business with avionics companies, said he was not suggesting that signing on during flights shouldn't be done with caution, since, like most public WiFi providers, airlines probably aren't employing a number of useful measures that would secure their networks against intrusion.

Experts said there are a number of simple steps airline passengers should take to stay safer while online.

• Be mindful of prying eyes. Shield the screen or dim the light on your device or computer if possible.

• Don't access or transmit sensitive information, such as bank records, if you can avoid it.

"Common sense," Blech said. "You're in a public spot. What can't wait a couple hours?"

• Run system updates regularly to patch vulnerabilities.

• Be aware of potential spoof networks used by hackers to gain access to your device. If a network looks like its name is a little off (perhaps there is a misspelling) don't sign on. Better yet, ask a flight attendant what the plane's network is called.

• Give yourself extra protection by connecting through a virtual private network (VPN), which ensures that the information flyers are sending is encrypted. Signing up for a VPN service is affordable and easy to do, though it will slow down a connection.

"People tend to forget that they should employ all the precautions that they would when they are on the ground," said Jodi Myers, marketing chief for NordVPN.

Comments


JDS Travel News JDS Viewpoints JDS Africa/MI