Public WiFi is ubiquitous. Pretty much anywhere you go these days, you’re going to find a free network you can connect to. Stop in to grab some coffee, free WiFi. Grab lunch at the restaurant downtown? Free WiFi. It’s everywhere, and that’s at least part of the problem.
At this year’s Democratic National Convention, security company and antivirus software maker Avast set up a number of dummy WiFi hotspots in order to see how many people would connect to them. It turns out, a lot did. In fact, more than 1200 people did, and nearly 70% of them revealed their identities.
These statistics should actually not surprise anyone. With public WiFi being so commonly available, many people have their smartphones and laptops set up to automatically connect to any available WiFi connection. Once connected, those same people use them, just as they would use a secure connection.
Unfortunately, hackers are well aware of this trend and tendency, and it’s actually quite easy, using off the shelf technology, for just about anyone to set up a WiFi hotspot. A determined hacker can easily set up a dummy hotspot, get people to take the bait by doing so in any location where people are expected to gather, capture all of the traffic that flows through the hotspot, and use it to gain access to a multitude of devices, gain all sorts of personal information, then sell it to the highest bidder on the Dark Web.
This is an area that doesn’t get a lot of attention when educating employees about potential security risks, and it should. Consider the potential hazards if an employee who uses a smart device to access sensitive corporate files accidentally or casually accesses a fake WiFi hotspot.
The hacker controlling that hotspot would not only be able to gain access to the user’s personal information and potentially steal his identity, but he’d also be able to access any corporate or proprietary data that individual has access to.
The ramifications are staggering. Is your company prepared to deal with the fallout?