Return to the list of client alerts
Public WiFi, as I have said many times, is a risky proposition. But how risky and which public WiFi? Coronet security tested the public WiFi of 45 US airports and ranked them from worst to best. However, even the best isn’t very good. See what they found and what you should be doing to protect your employees.
WiFi is inherently not very secure. If you put it in a place where hundreds of thousands of people go, it becomes less secure. It is easy for an attacker to blend in, launch an attack unseen and immune from capture. WiFi in your office, PROBABLY OK – not great but OK. WiFi at Starbucks – less OK. WiFi at some large place like an airport – not good at all.
At airports, like Starbucks (I am not picking on Starbucks in particular, it is just a good example), WiFi is designed to placate people. In the case of Starbucks, they want you to buy something, hop on their WiFi while waiting in line or sit down at a table and do some work and then buy some more stuff. At the airport, the problem is a little different. You have to get there early in case there is a problem with security and then you just have to wait. On top of that, flights get delayed. More waiting. In both cases, they want to keep you happy, but unlike the WiFi at your office, providing you Internet connectivity is not part of their core mission, it is just a side show.
As a result, the WiFi at airports is unsecured, unencrypted and likely poorly configured. They want to make it easy for you to use. They do not want any tech support issues. No security means less calls.
Here is what Coronet found –
The Five Worst:
San Diego International – 10 out of 10 when it comes to risk
John Wayne – Orange County – 8.7
William P Hobby (Houston) – 7.5
Southwest Florida International (Ft. Myers) – 7.1
Newark Liberty International – 7.1
Want to feel safe. Well, maybe less unsafe?
Raleigh Durham only scored a 4.9 threat index. That is better than 50/50. Better than a crap shoot.
What do the hackers do? ARP poisoning, Evil twins, Honeypots. Vulnerabilities in Office and GMail. All kinds of attacks.
So what should you do?
First, even though it is tempting, if it is at all possible, avoid airport WiFi. Hotel WiFi is not far behind. Unfortunately.
The next best form of connectivity is cellular. Use your phone or a WiFi puck as a hotspot, but make sure that you are connecting to the hotspot that you think you are connecting to.
Be suspicious – very suspicious of any messages that you get. Any suggestions to click on a link or install an update. If even a little bit in doubt, don’t do it. DO NOT install updates. Period. Wait till you are at a safer place.
Don’t conduct any business that is high risk. Avoid online banking or bill pay, for example.
If you have to connect to a cloud service, check carefully before entering any credentials – make sure that you have an SSL (HTTPS) connection and that the website address is what you are expecting. Not something close. Wellsfargo.com is different than Welllsfargo.com.
Finally, use VPN software from a known provider and make sure that you install any updates that the vendor provides.
Nothing is perfect, but you can do a lot to reduce the risk.
Questions – please contact us.
Want a copy of the report? You can find it at https://www.coro.net/airportthreats/