Public Wi-Fi networks boon not safe

New Delhi : If you are a frequent business traveller and spend most of your time away from the safe internet boundaries of your office or home, be warned. Public Wi-Fi networks at the hotel lobby, in the spa, at the poolside or inside a shopping mall are not at all secure for official work, sensitive data sharing or transferring funds. According to a latest report by Russia-based software security group Kaspersky Lab, business travellers, particularly senior executives, are more likely to be deprived of valuable private and corporate data than money as they travel abroad.

One in five persons has been a target of cyber crime while abroad and a third (31 per cent) of them are senior business managers, the report said. "The biggest threat to public Wi-Fi security is the ability for the hacker to position himself between you and the connection point. So instead of talking directly with the Wi-Fi network, you are sending key information to the hacker who then relays it on," Lucknow-based social media analyst Anoop Mishra told IANS. There have been numerous cases where vulnerabilities in public Wi-Fi networks have been routinely reported.

"Hackers have time and again demonstrated that breaking into public Wi-Fi networks is very easy. In fact, hackers often use public Wi-Fi networks for the purposes of hacking into confidential information and data of users who log into these Wi-Fi networks without understanding the cyber security ramifications of the same," Pavan Duggal, one of the nation's top cyber law experts, told IANS. The Kaspersky Lab report found the pressure from work to get online is clouding the judgment of business travellers when connecting to the internet.

Three in five (59 per cent) persons in senior roles said they try to log on as quickly as possible upon arrival abroad because there is an expectation at work that they will stay connected. By the time business travellers reach the arrivals' terminal, one in six is using their work device to get online. According to experts, open Wi-Fi networks are generally unencrypted because you don't have to enter a passphrase key when connecting. "While working in this setup, the hacker has access to every piece of information you're sending out on the internet important emails, credit card information and even security credentials to your business network," Mishra said.

This was illustrated most sensationally with Firesheep, an easy-to-use tool that allows hackers sitting in coffee shops to snoop on other people's browsing sessions and hijack them via open Wi-Fi networks. "More advanced tools like Wireshark could also be used to capture and analyse traffic on public Wi-Fi networks," Mishra added. Another report from EMC Corporation the world's largest data storage multinational revealed last week that Indian businesses lost over $1 million from data loss and downtime in the last 12 months.

If you're accessing something sensitive on public Wi-Fi, try to do it on an SSL (Secure Socket Layer) encrypted websites. The Https browser extension can reduce the risk by redirecting you to an encrypted page when available. A VPN (virtual private network) connection can also protect you online. "A VPN connection is a must when connecting to your business or banking through an unsecured connection like an open Wi-Fi hotspot.

Even if a hacker manages to position himself in the middle of your connection, the data here will be strongly encrypted. Since most hackers are after an easy target, they'll likely discard stolen information rather than put it through a lengthy decryption process," Mishra pointed out. Remember that any device could be at risk – be it laptop, smartphone or tablet.

By Nishant Arora