Over one third of users take no extra security precautions when logging onto public WiFi.
This was revealed in the Kaspersky Consumer Security Risks report conducted by B2B International and Kaspersky Lab.
The survey was conducted over several months in mid-2013 and questioned 8 605 respondents, both men and women, across 19 countries in Europe, the Americas, the Middle East and the Asia-Pacific region. All participants were older than 16 and the 'overwhelming majority' use the Internet and various mobile devices.
"Nowadays, it's easy to get online - in addition to cellular networks and broadband cable communication networks, there is often at least one hotspot that can connect computers and mobile devices to the Internet," says Kaspersky Lab.
The problem is that a lot of these hotspots do not provide adequate protection for their users, and most users are woefully ignorant of this fact, the company adds.
Over and above the 34% who took no special precautions, 14% of respondents admitted they were happy to both shop and bank online, using any network available. A mere 13% said they took the time to check the encryption standard of a network before they logged on.
Storm in a teacup?
Kaspersky Lab asks whether it makes sense to exercise extra caution when using public WiFi, or if the concern is overrated.
The security giant is of the opinion that it is vital to take precautions, mostly to prevent man-in-the-middle (MITM) attacks.
A MITM attack is a form of active eavesdropping in which the attacker makes independent connections with his targets, relaying messages between them. All the while, the victims believe they are talking to each other only, on a private connection, while in reality the attacker is controlling the conversation.
"You never know what 'that guy with the laptop at the next table' might be doing," says the company. Although he may be innocently checking his e-mail, or chatting to friends, he could also be monitoring the Internet traffic of the people around him.
Kaspersky Lab says any WiFi access point is a means to Internet access for the devices connected to it. "Every request from a device goes via an access point, and only then reaches the sites that users want to visit."
If the communications between the WiFi point and the people using it are not encrypted, it is child's play for an attacker to intercept all the data a user enters. To make matters worse, this sort of attack is even possible if the hotspot is password protected, and a secure https connection is established.
Share
