Europol, the law enforcement agency for the European Union, is warning that people should exercise extreme caution when using WiFi hotspots when out and about. Citing an increase in the number of "man-in-the-middle" attacks on such connections, the head of Europol's cybercrime division, Troels Oerting, said that public WiFi connections are being used to "steal information, identity or passwords and money from the users who use [them]". The advice is to not necessarily stop using public networks, but to avoid using them for anything that involves transmitting personal data.
Singled out for particular attention is online banking, which Oerting suggests people should do "from home where they know actually the wi-fi and its security" rather than in a coffee shop. Europol is currently working with several member states of the European Union following in an increase in the number of WiFi network attacks.
It is a relatively simple task to intercept data that is being transmitted over an open network such as those found in public places like libraries and hotels, meaning it is easy for personal information to fall into the wrong hands. Usernames and passwords can be gathered in addition to other data that could be exploited by a criminal, and very little equipment is needed.
The numbers of people who seek out free WiFi connections in towns and cities, many of whom have little or no knowledge of internet security, shows no signs of declining. An investigation by the BBC found that the problem of "evil twin" networks was very prevalent, and would-be surfers could be easily tricked into connecting to a fake network in which their activities can be monitored. But even on a supposedly secure network it is possible, with the right snooping software, to track virtually all online activity. The investigation also found that mobile apps broadcast a great deal of information including username, passwords and contact details, and these could also be grabbed with special tools.
As with many online problems, the solution comes in the form of education. Opting to use secure networks is part of the solution, but even this is not completely infallible. The best attitude for anyone to adopt is to use only networks that are encrypted, stick to using mobile data connections rather than WiFi, or just wait until you get home -- and turn off the auto-connect feature on your phone and tablet so you don’t automatically get put online when you're in range of a network you have connected to before.
Image Credit: watcharakun / Shutterstock