Fifa World Cup 2018: 20% Wi-Fi hot-spots in host cities potentially unsafe

If you are visiting Russia for the World Cup matches starting from Thursday, think twice before using open Wi-Fi networks.

A new research from Russia-based cybersecurity company Kaspersky Lab on Tuesday warned that more than 20 per cent of Wi-Fi hot-spots in the host cities do not use traffic encryption, making them potentially unsafe for use by football fans visiting the cities.

The results suggest that football fans should take care of their personal data, especially while using open Wi-Fi connections around the FIFA World Cup games.

"The lack of traffic encryption, coupled with large-scale events -- like the FIFA World Cup -- make wireless Wi-Fi networks a target for criminals who want easy access to user data," Denis Legezo, Senior Security Researcher at Kaspersky Lab, said in a statement.

Global events always result in a concentration of people connecting to networks to upload posts, stay in touch with loved ones, and share the fun with others.

However, at the same time, these networks can be used to transfer financial and other valuable information across the Internet.

And it is this information that third parties -- not necessarily criminals -- can intercept and use for their own purposes.

Kaspersky Lab said its findings are based on an analysis of public Wi-Fi spots in 11 FIFA World Cup 2018 host cities, including Saransk, Samara, Nizhny Novgorod, Kazan, Volgograd, Moscow, Ekaterinburg, Sochi, Rostov, Kaliningrad, and St Petersburg.

The results showed that so far not all wireless access points have encryption and authentication algorithms - aspects that are essential for Wi-Fi networks to remain secure.

This means that hackers only need to be located near an access point to intercept network traffic and get confidential information from unwitting or unprepared users, Kaspersky Lab said in the statement.

The three cities with the highest percentage of unreliable Wi-Fi networks are St Petersburg (37 per cent), Kaliningrad (35 per cent), and Rostov (32 per cent), the report said.

In contrast, the safest places were relatively small towns - including Saransk where only 10 per cent of Wi-Fi spots are open, and Samara where 17 per cent of Wi-Fi spots are open.

Almost two-thirds of all public Wi-Fi networks in these locations use the Wi-Fi Protected Access (WPA/WPA2) protocol family for traffic encryption, a protocol which is considered to be one of the most secure for Wi-Fi use, the statement added.

"Our research shows, once again, that cybersecurity involves addressing not just certain aspects, but the entire infrastructure. FIFA World Cup 2018 has confirmed that the event itself is secure -- but users should be aware that clearly its host cities' public Wi-Fi hot-spots are often not," Legezo added.

 

If you are going to visit FIFA World Cup 2018 host cities and use open Wi-Fi networks while there, remember to follow several simple rules to help protect your personal data:

• Whenever possible, connect via a Virtual Private Network (VPN). With a VPN, encrypted traffic is transmitted over a protected tunnel, meaning criminals won’t be able to read your data, even if they gain access to it. 
• Do not trust networks that are not password-protected, or have easy-to-guess or easy-to-find passwords.
• Even if a network requests a strong password, you should remain vigilant. Fraudsters can find out the network password at a coffee shop, for example, and then create a fake connection with the same password. This allows them to easily steal personal user data. You should only trust network names and passwords given to you by employees of the establishment.
• To maximize your protection, turn off your Wi-Fi connection whenever you are not using it. This will also save your battery life. We also recommend disabling automatic connections to existing Wi-Fi networks.
• If you are not 100% sure the wireless network you are using is secure, but you still need to connect to the Internet, try to limit yourself to basic user actions such as searching for information. You should refrain from entering your login details for social networks or mail services, and definitely do not perform any online banking operations or enter your bank card details anywhere. This will avoid situations where your sensitive data or passwords are intercepted and then used for malicious purposes later on. 
• To avoid being a target for cybercriminals, you should enable the “always use a secure connection” (HTTPS) option in your device settings. Enabling this option is recommended when visiting any website you think may lack the necessary protection.