17th January 2017
It is believed that there will be 14m public Wi-Fi hotspots across the UK by the end of 2017. The big benefit is that they are extremely useful for travellers or people ‘roaming’ having access to free or cheap internet access. This is obviously great for ad-hoc and immediate access for social media use or personal chats or video, but such access poses some very real risks to the individual. These risks rise exponentially for businesses or individuals wishing to gain access to more sensitive data or information. Such as accessing bank accounts, connecting to work email or systems or online shopping.
The free and easy use is very appealing but it is no exaggeration to say that many people have no idea of the real dangers they risk!
So what is the problem with public Wi-Fi?
Recent studies have shown that 45% of mobile users (i.e. those using mobile phones or laptops) said they frequently make use of hotspot services on trains, in bars, restaurants and the many other public locations that offer it. Of the 45%, more than 80% access their various social media accounts, 69% use them for general web browsing, 25% for online shopping, 15% use it for online banking, 7% do “business related activities” and 27% admit using it for “other personal activities”.
Therefore of the millions of people using it, all are conducting some form of private, personal or accessing business sites and services while connected to public Wi-Fi.
The word ‘public’ means more than on offer to the public. It can also mean that the data you are passing is also now public.
So, without any additional, correctly configured and layered protection on the mobile device, it is entirely feasible for any connected device to view, record and replicate the traffic sent and received by everyone else on that network. A malicious individual could sit back in a car park or coffee shop and carry out all manner of attacks at their leisure to intercept data as unsuspecting customer’s access online banking or chat on social media. Particularly adept individuals can even set up their own completely legitimate looking hotspots with the primary goal of capturing personal data as they will be able to de-crypt and decode everything you send across their ‘fake’ or ‘rogue’ access point.
Generally statistics show that 75% of public Wi-Fi connections are vulnerable to a menu of weaknesses and attacks with the majority not even employing basic encryption, which means that all traffic is visible to anybody with access to freely available software tools.
Here are just some of the ways a hacker could steal data from public Wi-Fi users: