With coffee shops, hotels, shopping malls, airports, et al offering their customers free access to public Wi-Fi, it’s a convenient way to check your emails, catch up on social networking, or surf the web.
With coffee shops, hotels, shopping malls, airports, et al offering their customers free access to public Wi-Fi, it’s a convenient way to check your emails, catch up on social networking, or surf the web. However, cyber criminals tend to often spy on public Wi-Fi networks and intercept data that is transferred across the link. They are able to gain access to users’ banking credentials, account passwords, and other valuable information. The million dollar question then: Is public Wi-Fi really safe?
There have been recent incidents of major security breach wherein an unknown group of cyber criminals hacked the Twitter accounts of prominent personalities like Rahul Gandhi, Vijay Mallya, among others; these only add to the seriousness of the issue. Also Yahoo’s latest disclosure of yet another massive cyber attack, declaring that data from more than one billion user accounts was compromised in August 2013, gives us a further reality check.
With the increasing complexities of cyber attacks, public wireless networks can easily become yet another tool to intercept user data. The same features that make free Wi-Fi hotspots convenient for consumers make them desirable for hackers, since it requires no authentication to establish a network connection. This creates an amazing opportunity for the hacker to get unfettered access to unsecured devices on the same network, says Altaf Halde, managing director—South Asia, Kaspersky Lab.
The biggest threat to free Wi-Fi security is the ability of the hacker to position himself between you and the connection point, explains Halde. “So instead of talking directly with the hotspot, you are sending your information to the hacker, who then relays it on. The hacker has access to every piece of information you are sending out on the Internet: important emails, credit card information and even security credentials . Once the hacker has that information, he can—at his leisure—access your systems as if he were you,” he informs.
Giving a detailed insight on the vulnerabilities of Wi-Fi network, the Kaspersky Lab South Asia MD reveals that hackers can also use an unsecured Wi-Fi connection to distribute malware. “If you allow file-sharing across a network, the hacker can easily plant infected software on your PC. Some ingenious hackers have even managed to hack the connection point itself, causing a pop-up window to appear during the connection process offering an upgrade to a piece of popular software. Clicking the window installs the malware,” he says.
Elaborating on some of the most common threats in the public Wi-Fi space, Dhanya Thakkar, VP and managing director, APAC, Trend Micro, shares, “One of the most prominent threats while being on a hotspot is “the evil twin”. It is a Wi-Fi connection that seems like the real Wi-Fi hotspot of a dine-in, cafe, etc., but would actually be a replica, setup by a hacker. Such fake hotspots capture a user’s data like passwords, credit card numbers, etc. once their connection is established. If a user gets connected to such a Wi-Fi, their data can be stolen, their PC can be hacked and what not.”
On some of the steps that can be taken to safeguard the Wi-Fi network, Thakkar says, “A virtual private network (VPN) encrypts all the data going into and out of the consumer’s computer or mobile device. This technology blocks hackers from accessing data sent over Wi-Fi networks, so users are always protected.”
At present there are over 31,000 public Wi-Fi hotspots installed in India and industry estimates cite that the number is pegged to grow beyond 2,02,000 by 2018. O-Zone, a provider of wireless internet and mobility solutions, has deployed more than 7,000 access points of which 1,500 are public Wi-Fi hotspots in more than 26 cities. The company aims to deploy 25,000 hotspots in the next two years and one million hotspots by the year 2021.
Sanjeev ‘Bobby’ Sarin, founder and CEO, O-Zone Networks believes that it is important for Wi-Fi providers to comply with the government regulations.
“Cyber security is of paramount importance to us when it comes to public Wi-Fi. Given that it is a public network, security becomes crucial since at any given point of time the network is carrying terabytes of the user’s public and private information,” he says. “Hence, all public Wi-Fi providers must comply with government regulations and also strive to adhere to the latest trends in cyber security.”