Criminal theft of private data from public Wi-Fi hotspots is not new, but is increasing. The two most prevalent methods are traffic sniffing and man-in-the-middle attacks using a rogue, criminal-controlled hotspot. Talking to the BBC, Europol has warned the public to be ever-vigilant in public places.
Troels Oerting, head of the European Cybercrime Center at Europol, toldClick (the BBC’s technology show) people should not send personal data across networks they cannot trust. That effectively includes any public Wi-Fi hotspot. “We have seen an increase in the misuse of Wi-Fi, in order to steal information, identity or passwords and money from the users who use public or insecure Wi-Fi connections,” he said.
He was particularly warning about hotspots set up by criminals to masquerade as legitimate hotspots. It’s not a new technique, but seems to be on the increase. “Cybercriminals with nefarious intentions can set up a rogue wireless hotspot and give it an official sounding name, such as ‘Airport_Official’, to attract the unaware. They can then scan all requests, entered passwords, and even direct people to malicious sites. Businesses are particularly vulnerable to these types of attacks due to an ever more mobile workforce,” explains Carl Leonard, senior security research manager EMEA at Websense.
The problem is that mobility has become a way of life. People wish to access the internet from anywhere, at any time for any purpose. Sean Sullivan, security advisor at F-Secure, understands the issues better than most. “Does insecurity stop me from using open hotspots? Nope,” he admits. “I use free Wi-Fi all the time. And I don’t plan on changing that particular habit anytime soon. But I know it’s not secure – free Wi-Fi hotspots are typically available in public places. That’s public as in not private.”
His solution is not to attempt to restrict people’s use of public Wi-Fi, but to protect it. “If you want to use an open Wi-Fi hotspot to search for the latest sports scores – go for it. But if you want to check your bank balance, read your email, have a private chat with your friends – get yourself a VPN service.”
This article has been extracted from http://www.infosecurity-magazine.com/, please click on this link to read this article in full http://www.infosecurity-magazine.com/view/37351/europol-urges-caution-with-public-wifi/
Montash is a multi-award winning, global IT recruitment firm. Specialising in permanent and contract positions across mid-senior appointments across a wide range of industry sectors and IT functions, including:
ERP, BI & Data, Information Security, IT Architecture & Strategy, Scientific Technologies, Demand IT and Business Engagement, Digital and E-commerce, Infrastructure and Service Delivery, Project and Programme Delivery.
With offices based in London, Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid management in permanent and contract roles.
For more information about Montash, please visit www.montash.com