If you use public wi-fi, you’re creating an IT security risk for your business. Simply put, bad guys who are on the same public wi-fi can access your computer and steal the data they want. An experiment by Avast at the recent RNC in Cleveland showed that over 1,000 people unknowingly connected to fake (and fortunately safe) wi-fi networks.
Fake Wi-Fi Networks
For the experiment, Avast researchers set up fake Wi-Fi networks at various locations around the Quicken Loans Arena and at Cleveland Hopkins International Airport. They used phony network names (SSIDs) like "Google Starbucks", "Xfinitywifi", "Attwifi", "I vote Trump! free Internet" and "I vote Hillary! free Internet" that were either commonplace or looked like they were set up especially for convention attendees.
Over the course of a day, Avast saw 1,200 users transfer more than 1.6Gbs of data.
Moreover, 68.3% of users‘ identities and other personal information were exposed when they connected. 44.5% of Wi-Fi users checked their emails or chatted via messenger apps, exposing more information.
To protect people’s privacy, the researchers scanned the data, but did not store it or collect any personal information.
Unknowingly Shared Information
Here’s some of the information Republican National Convention attendees unknowingly shared with the researchers at Avast:
- 55.9% had an Apple device, 28.4% had an Android device, 1.5% had a Windows Phone device, 3.4% had a MacBook laptop and 10.9% had a different device
- 10.8% used Google Chrome, 0.2% Mozilla Firefox and 4.2% Safari
- 39.7% have the Facebook or Facebook messenger app installed, 10.7% have the Twitter app installed, 8.0% have Instagram installed
- 13.1% accessed Yahoo Mail, 17.6% checked their Gmail inbox, and 13.8% used chat apps like WhatsApp, WeChat and Skype
- 6.5% shopped on Amazon, and 1.2% accessed a banking app or banking websites like bankofamerica.com, usbank.com, or wellsfargo.com
- 5.1% played Pokemon Go
While some of this appears to be harmless, obviously access to a banking app is destructive in the wrong hands. Also, email access offers all kinds of information, from contacts to potential business deals.
Since mobile devices are often set to connect to known SSIDs automatically, many of us don’t really pay attention to the networks we’re using. The risk is that any one of us can be spied on by cybercriminals who set up a false Wi-Fi network with a common SSID. Moreover, Web traffic can be visible to anyone on any Wi-Fi network that does not request a password.
Avoid the IT Security Risk
Don’t use public wi-fi. It can be tempting to “log on for a minute” in an airport or a coffee shop, but resist the temptation. The IT security risk is simply too great. Think of a productive digital sneeze in a heavily congested area. Sorry for the visual, but that’s the junk you bring back into your home or business network. You are likely to become an unwitting participant in cybercrime.
What should you do instead? Data plans are reasonably priced today. If you want to connect while away, turn on the hotspot feature on your IOS or Android device (with a pass-key). You may connect your laptop or other mobile device to the Internet with that method. Alternatively, many business-class laptops or tablets have cellular cards in them or are “cellular card ready”. Get the card and a data plan and you are ready to connect without using a phone.
If you need help handling IT in your business, contact CRU Solutions.