We use cookies on this website, you can read about them here »

Accept cookies

News

Public Wi-Fi – Are you putting yourself at risk?

17th January 2017

It is believed that there will be 14m public Wi-Fi hotspots across the UK by the end of 2017. The big benefit is that they are extremely useful for travellers or people ‘roaming’ having access to free or cheap internet access. This is obviously great for ad-hoc and immediate access for social media use or personal chats or video, but such access poses some very real risks to the individual. These risks rise exponentially for businesses or individuals wishing to gain access to more sensitive data or information. Such as accessing bank accounts, connecting to work email or systems or online shopping.

The free and easy use is very appealing but it is no exaggeration to say that many people have no idea of the real dangers they risk!

So what is the problem with public Wi-Fi?

Public Wi-Fi risks

Recent studies have shown that 45% of mobile users (i.e. those using mobile phones or laptops) said they frequently make use of hotspot services on trains, in bars, restaurants and the many other public locations that offer it. Of the 45%, more than 80% access their various social media accounts, 69% use them for general web browsing, 25% for online shopping, 15% use it for online banking, 7% do “business related activities” and 27% admit using it for “other personal activities”.

Therefore of the millions of people using it, all are conducting some form of private, personal or accessing business sites and services while connected to public Wi-Fi.

The word ‘public’ means more than on offer to the public. It can also mean that the data you are passing is also now public.

So, without any additional, correctly configured and layered protection on the mobile device, it is entirely feasible for any connected device to view, record and replicate the traffic sent and received by everyone else on that network. A malicious individual could sit back in a car park or coffee shop and carry out all manner of attacks at their leisure to intercept data as unsuspecting customer’s access online banking or chat on social media. Particularly adept individuals can even set up their own completely legitimate looking hotspots with the primary goal of capturing personal data as they will be able to de-crypt and decode everything you send across their ‘fake’ or ‘rogue’ access point.

Hotspot Vulnerabilities

Generally statistics show that 75% of public Wi-Fi connections are vulnerable to a menu of weaknesses and attacks with the majority not even employing basic encryption, which means that all traffic is visible to anybody with access to freely available software tools.

Here are just some of the ways a hacker could steal data from public Wi-Fi users:

  • Packet sniffing – An attacker attached to the same network can intercept and analyse all traffic sent over a network. This is a basic method, but it’s also very easy to do and can pick up passwords and emails if they’re sent unencrypted.
  • Man in The Middle (MITM) attack – The attacker can pretend to be a legitimate Hotspot and relay data between the user and the site they want to use. Each side believes they are talking directly to the other, but the attacker is able to eavesdrop and, if desired, copy, or alter the traffic. It is entirely possible that the attacker can imitate and use the user’s credentials to login to any site they’ve just visited.
  • Session hijacking If a website is poorly secured (i.e. does not use HTTPS) it is possible for an attacker to hijack the web and impersonate your identity and access your account.
Public Wi-Fi – Are you putting yourself at risk?  
Share this Site