Analyzing more than 31 million WiFi hotspots around the world, cyber security company, Kaspersky Lab found that every fourth (28%) is unsecured and poses a risk to users’ personal data.
It said that all the traffic transmitted over those networks, including personal messages, passwords, documents and much more, can be easily intercepted and used by attackers.
Based on information obtained via the Kaspersky Security Network, about 25% of the world’s WiFi networks have no encryption or password protection of any kind. In other words, the information they transmit is completely open and can be read by third parties. Another 3% of hotspots use WEP (Wired Equivalent Privacy) to encrypt data. This unreliable protocol can be “cracked” within minutes using tools that are freely available on the Internet, according to Kaspersky Lab.
The rest of the nearly three-quarters of Wi-Fi hotspots use a more reliable form of encryption based on the family of WiFi Protected Access (WPA) protocols. The effort required to hack these networks depends on the settings, including the strength of the password. For instance, if it’s a weak or publicly accessible password (e.g., on display in a cafe), a criminal will also be able to de-crypt any transmitted data over the WiFi network.
Kaspersky said its worth noting that the top 20 countries with the highest percentage of non-encrypted WiFi hotspots includes many popular tourist destinations – Thailand, France, Israel, the US and so on. Travelers are among the most vulnerable because the nearest available WiFi hotspot is often the only way for them to stay connected. At the same time, another study suggests only 57% of Internet users are concerned about their data being intercepted during a WiFi session.
“We advise all users to remain vigilant when connecting to Wi-Fi. Don’t use hotspots without passwords and don’t use public hotspots to perform high-risk activities such as online banking or shopping, logging on to sites or for transferring confidential information. If that sort of traffic is intercepted by a third party, it could result in serious losses, including financial losses. And of course, we strongly recommend using additional measures to protect traffic, such as VPN (Virtual Private Network) technology,” explains Denis Legezo, Antivirus Expert at Kaspersky Lab.
Kaspersky Security Network is a complex cloud-enabled distributed infrastructure that automatically processes huge amounts of annonymous cybersecurity-related data in order to ensure the quickest reaction times to new and advanced threats.