One in four WiFi hotspots vulnerable to hacking: Kaspersky Labs
Kaspersky Lab has found that every fourth (28 per cent) is unsecured and poses a risk to users' personal data.
After analyzing information on more than 31 million Wi-Fi hotspots around the world, Kaspersky Lab has found that every fourth (28 per cent) is unsecured and poses a risk to users’ personal data. That means all the traffic transmitted over those networks, including personal messages, passwords, documents and much more, can be easily intercepted and used by attackers.
According to Kaspersky Security Network, 25 per cent of the world’s Wi-Fi networks have no encryption or password protection of any kind. In other words, the information they transmit is completely open and can be read by third parties. Another 3 per cent of hotspots use WEP (Wired Equivalent Privacy) to encrypt data. This unreliable protocol can be ‘cracked’ within minutes using tools that are freely available on the Internet.
The rest of the nearly three-quarters of Wi-Fi hotspots use a more reliable form of encryption based on the family of Wi-Fi Protected Access (WPA) protocols. The effort required to hack these networks depends on the settings, including the strength of the password. For instance, if it’s a weak or publicly accessible password (e.g., on display in a cafe), a criminal will also be able to decrypt any transmitted traffic.
It’s worth noting that the top 20 countries with the highest percentage of non-encrypted Wi-Fi hotspots includes many popular tourist destinations – Thailand, France, Israel, the US and so on. Travellers are among the most vulnerable because the nearest available Wi-Fi hotspot is often the only way for them to stay connected.
At the same time, another study suggests only 57 per cent of Internet users are concerned about their data being intercepted during a Wi-Fi session. The flagship solutions Kaspersky Internet Security and Kaspersky Total Security now integrate the new Secure Connection feature that encrypts all data sent and received over a communication channel. Depending on the user settings, Secure Connection can be run automatically when attempting to connect to an unsecured network, or when performing potentially vulnerable operations online.