Tuesday, March 18, 2014

Avoid Losing Personal Data to Hackers in Public WiFi Hotspots

Europol Warning

Europol has warned users against addressing sensitive information whilst using public WiFi hotspots.

Europe's top police officer Troels Oerting said people should only send sensitive data across networks they trusted, such as their own home.

The warning is aimed at avoiding the increase in stolen data from people who use insecure Public WiFi hotspots.

Users are advised not communicate information with banks, shops and social media whilst using an unsecured Public WiFi hostpot.

Open WiFi

There is some difference between connecting to free public WiFi hotspots that is "open" meaning there is no user authentication or security, and one that is professionally "managed".

Users connecting to an open WiFi signal are much more highly exposed to risk of data loss.

This is because all communications from the user to the network will be visible and therefore open to exploitation attack.

Managed WiFi

A managed WiFi user will benefit from user authentication and the highest available levels of data encryption whilst their information is transported across the network.

Filters will also be in place to block a full range of illegitimate activity.

The user risk is to be sure you are connecting to the genuine signal from the service provider and not a rogue signal broadcast by a criminal.

Rogue Signals

A "rogue" WiFi signal may be used by a criminal broadcasting the same name as a genuine provider, making it difficult to stop an unwary user from connecting to it.

However if you are connecting to a managed WiFi it will also normally take you to a first page belonging to the service provider.

Check that the url of the page belongs to the trusted provider you expect as this redirection is part of the user authentication process.

If there is no redirection to a trusted page for password or web authentication you may be connecting to an unsecured "open" WiFi.

Virtual Private Network

It is good practice not to communicate sensitive information in any public WiFi hotspot for security.

And if you must share in a public hotspot Briteyellow recommends using a Virtual Private Network (VPN) which encrypts the data.

Labels: , , , , , , , ,