Football fans flying from England to Russia for the FIFA World Cup 2018 have been warned that Russia’s WiFi networks “may not be safe”.
The National Cyber Center (NTCC) revealed in its blog post that hotel and public Wi-Fi connections could potentially not be safe, so it’s important for those attending to carefully consider what information they might be sharing when using those connections.
NTCC advises World Cup attendees to stay alert when using devices; not share phones, laptops or USBs with anyone; be cautious with any IT related gifts such as USB sticks; keep devices with them at all times; and noted that hotel rooms, safes and lockers are not always secure because of others having access codes or keys.
‘Lack of traffic encryption’
“We know that cybercriminals use major sporting events as a way of making money – through phishing campaigns, for example. However, they can also target people ‘on the ground’. When large-scale events like the FIFA World Cup are paired with a lack of traffic encryption, it makes wireless Wi-Fi networks a target for criminals who want easy access to people’s personal data,” said David Emm, Principal Security Researcher at Kaspersky Lab UK.
“We found that around one-fifth of access points in FIFA World Cup host cities was open, i.e. unprotected. And even the others shouldn’t be considered fully secure: there’s still a risk, for example, of a criminal creating a fake hot-spot that masquerades as the legitimate one.”
‘Prime target for hackers’
According to Emm, those travelling to Russia should connect via a Virtual Private Network whenever possible, because encrypted traffic is transmitted over a protected tunnel, meaning criminals won’t be able to read your data, even if they gain access to it.
“Our research shows, once again, that cybersecurity involves addressing not just certain aspects, but the entire infrastructure. FIFA World Cup 2018 has advised people to be aware that free public Wi-Fi in Russia is a prime target for hackers, as in most countries in the world,” he added.
Emm also noted that it’s important to remain vigilant if a network requests a strong password. For example, fraudsters can find out the network password at a coffee shop and then create a fake connection with the same password. This allows them to easily steal personal user data.
To maximise protection, Wi-Fi connections should also be turned off whenever not being used, and automatic connections to existing networks should be disabled.
Written by Leah Alger