It is almost second nature now, spending time online using a Wi-Fi hot spot. However hooking up to the network can carry hidden risks. Despite this, more than a third of users take no additional precautions when logging on to public Wi-Fi, according to the Kaspersky Consumer Security Risks survey conducted by B2B International and Kaspersky Lab in 2013.
Nowadays it is easy to get online – in addition to cellular networks and broadband cable communication networks, there is often at least one hotspot which can connect computers and mobile devices to the Internet.
However, many of these hotspots skimp on protection for users – and many users are unaware or unconcerned about the potential problems this can cause. In the Survey, 34% of users said they took no special measures to protect online activity using a hotspot, while 14% were happy to bank or shop online using any network that came to hand. Just 13% take the time to check the encryption standard of any given access point. Does extra caution make sense when using public Wi-Fi, or is it all a worry too far?
It’s You, a Website and a Man in the Middle:
The answer is YES. You never know what “that guy with the laptop at the next table” might be doing. Maybe, like you, he’s checking his email or chatting with friends. But maybe he’s monitoring the Internet traffic of everyone around him – including yours. A Man-in-the-Middle attack makes this possible. Any Wi-Fi access point is a window to the Internet for all the devices attached to it. Every request from a device goes via an access point, and only then reaches the sites that users want to visit.
Without any encryption of communications between users and the access point it’s a simple task for a cybercriminal to intercept all the data a user enters. That might include data sent to a bank, or an online store. Moreover, attacks like this are possible even if the hotspot is password protected and a secure https-connection between the required site and the user’s browser is established.
What data are cybercriminals interested in? Anything they can use to make a profit – especially account logins and passwords for e-mail, e-banking, e-payment and social networks.
It’s obvious that we need to secure Wi-Fi connections – but how?
Kaspersky Lab recommends only using secure connections to access points. This alone will greatly reduce the risk of the traffic being intercepted by cybercriminals. However, when users are planning to use sites which demand personal information such as usernames and passwords, this basic precaution must be joined with additional protective tools.