The start of 2018 World Football Championship will see many fans in different cities across Russia. They will use any Wi-Fi networks they find considering that the mobile data is quite expensive outside their countries. So, the problem is if this networks are secure or not and how vulnerable are the users.
According to a Kaspersky Lab research, 7,176 of the approximately 32,000 public Wi-Fi networks in cities hosting the 2018 World Football Championship do not encrypt traffic. This means that they can have safety problems, so football fans will have to take care of their personal data, especially when using open Wi-Fi connections.
Global events always gather a large number of people who connect to the network to upload messages, get in touch with their loved ones, and share their fun with them. These networks can also be used to transfer financial data and other important information on the Internet. So far, these data can be intercepted and used in the interest of third parties – who are not necessarily criminals.
Kaspersky Lab conclusions are based on the analysis of Wi-Fi public connections in the 11 cities of the World Football Championship 2018: Saransk, Samara, Nizhny Novgorod, Kazan, Volgograd, Moscow, Ekaterinburg, Sochi, Rostov, Kaliningrad and St. Petersburg. The results show that not all wireless access points have encryption and authentication algorithms, which are essential for Wi-Fi network security. This means that hackers only need to be nearby to intercept network traffic and get confidential information from uninformed or careless users.
The top 3 destinations with Wi-Fi are not safe are Sankt Petersburg (37 percent), Kaliningrad (35 percent) and Rostov (32 percent). Instead, the safest places are in relatively small cities – for example, Saransk (only 10 percent are open Wi-Fi connections) and Samara (with 17 percent). Almost two-thirds of all Wi-Fi networks in these locations use Wi-Fi Protected Access Protocol (WPA / WPA2) for traffic encryption, a protocol considered one of the most secure Wi-Fi.
The type of encryption used in Wi-Fi hotspots in the cities hosting the World Football Championship 2018
However, it should be noted that WPA / WPA2 networks can also allow the use of “dictionaries”, as well as “key reinstallation” attacks, which means they are not absolutely safe.
“Lack of trafficking encryption in the context of large-scale events such as the World Football Championship turns Wi-Fi networks into a target for criminals who want to reach their users,” said Denis Legezo, Senior Security Researcher at Kaspersky Lab . “Even though about two-thirds of all Wi-Fi access points in the World Cup football host cities use Wi-Fi Protected Access Protocol (WPA / WPA2), they can not even be considered secure if the password is visible to anyone. Our research shows once again that cyber security means thinking about the entire infrastructure, not just a few aspects.”
If you participate in the World Cup and use the available Wi-Fi networks, follow a series of simple rules to protect your personal data:
- If possible, sign in with a Virtual Private Network (VPN). With a VPN, encrypted traffic is transmitted via a protected tunnel, which means that cybercriminals will not be able to read your data, even if they can access them. For example, Kaspersky Secure Connection VPN can be activated automatically when a connection is not secure.
- Do not use networks that are not password protected or have passwords easy to guess or find.
- Even if a network requires a solid password, you should stay alert. Offenders can find the password from the network in a cafe, for example, and then create a false connection with the same password. This allows them to easily steal user’s personal data. You trust only the network names and passwords your employees are given in that place.
- To increase protection, turn off Wi-Fi when you are not using it. This will also allow you to save the battery. We also recommend disabling the automatic connection option to available Wi-Fi networks.
- If you are not 100 percent sure that the wireless network you are using is secure, but you still need to connect to the Internet, try to limit yourself to actions such as searching for information and avoid entering social networking data or e-mail services and, above all, do not do online banking or enter your bank card details. This will avoid situations where sensitive data or passwords are intercepted and then misused.
- To avoid being a target of cybercriminals, you should enable the option to always use a secure connection (HTTPS) in your device settings. This is recommended whenever you visit a site that you think may not be properly protected. For more information on the situation of Wi-Fi networks in the host cities of the World Cup, go to Securelist.com.