30 Jul 2014

Dealing with hackers and their public WiFi tricks

WiFi has a bad reputation when it comes to security, and it’s not without justification.

A favourite hobby for cyber criminals is to set up a WiFi hotspot that looks and behaves like a legitimate public hotspot, and then proceed to watch as it tricks people into logging in and input all of their passwords to all their personal email and finance accounts.

It’s been proven to work. For instance, in 2013, First Base Technologies was able to get very personal details of people through a test public WiFi network, even after forcing these people to consent into allowing their data to be collected (http://computerhelpnj.com/the-security-risks-involved-with-public-wi-fi-connections.html).

There simply isn’t enough awareness about secure behaviour on public WiFi networks within the community, and this translates into either a lack of trust among some customers in using public WiFi at all, or reputational damage if the customer signs into a hacker’s fake WiFi hotspot when they were looking for your legitimate one.

But you want people using your public WiFi hotspot, and feeling secure in doing so. From the ability to send targeted marketing messages, to the collection of legitimate data for improve services, through to the simple goodwill that offering WiFi can build in a customer base, having a secure public WiFi offer benefits almost any Australian business.

So what can you do to reassure customers about signing on to your service?

Having a robust guest WiFi solution that you can guarantee to customers is secure would go a long way in encouraging staff to trust in your public hotspot. A sound managed WiFi service will come with built-in, advanced security features that the provider can run reports on and check for PCI compliance on a regular basis. That in itself would be proof that you’re doing the right thing in offering guest WiFi.

It’s also worth setting up a proper login page for guests. Even if you don’t wish to mandate passwords, a custom splash page with your logo when a customer logs in for the first time can go a long way to build trust in what the customer is logging into.

And, finally, it’s important to properly educate customers about how to use public WiFi securely away from their devices. So many public places offer WiFi, but simply leave their customers to figure out how to log on for themselves, and even such basic knowledge such as the fact you should see a padlock icon in the address bar of any secure website you’re looking to log into is lost on many people. Any organisation offering public WiFi hotspots should, at the very least, have an information sheet it can offer to customers about secure behaviour when using a public hotspot.

It’s getting ever easier to be a hacker, now that basic social engineering techniques giving criminals easy access to people’s data via the manipulation of public WiFi hotspots without necessarily being technically capable. Being able to demonstrate that you’ve got a secure guest WiFi network will be essential if you wish to reap the benefits of offering WiFi into the future.

Top