While this project will enable more and more Indians to access information and the opportunity it has to offer, accessing public WiFi services also comes with a huge risk
Following Prime Minister Narendra Modi's recent US visit, India is all set for a free, public WiFi services boom. The search-engine giant Google, in partnership with Indian Railways and and RailTel, will set up high-speed WiFi services across 400 stations; the first 100 will be covered by 2016 end.
Google's Indian-origin CEO Sundar Pichai estimated that the first phase of this project will make WiFi services available to about 10 million people, those who pass through these railway stations, every day.
While this project will enable more and more Indians to access information and the opportunity it has to offer, accessing public WiFi services also comes with a huge risk. But how much are we aware of those risks? Despite having a fair knowledge of the risks involved with certain online activities done in public spaces, we tend to overlook them.
Presently, WiFi services at public spaces like airports, coffee shops and rail stations are being widely used in the country to perform various tasks.
A 2013 study by Kaspersky, an internet security provider, found that with the advent of new gadgets and applications people increasingly prefer to do their financial transactions online using their portable electronic devices.
A Kaspersky survey which collected responses from 8,605 respondents, men and women from 19 countries in Europe, the Middle East and the Asia-Pacific region, besides the US, showed that an average household has at least 4.5 devices that are used to perform various tasks. According to the survey, “98 per cent of respondents use a device to conduct financial operations, 74 per cent of respondents regularly use e-wallets and payment systems. Meanwhile, online shops, banking services and social media are the most popular resources among owners of always-on devices.”
The convenience and anywhere and anytime access to money through electronic payment systems and online banking services have made the life of millions of people across the globe easy. In the meantime, it has provided modern-day thieves with a new outlet to perpetrate various crimes with little effort and under the cover of anonymity.
"It just takes a few minutes to a hacker like me to break into a server that is beaming WiFi at a public place and then get into the devices connected to it and wipe all their information clean," says Varghese Babu, a software engineer and an ethical hacker based in Thiruvananthapuram.
Ethical hackers are those who break into a computer system to identify its security vulnerabilities, which could be exploited by a malicious hacker, and help reduce the risk of online attacks.
But it is not just your bank savings that are at risk. Each time you log on to a public WiFi you are running a great risk of exposing enormous data. Unlike home WiFi, public hotspot are not encrypted. Activities performed on such WiFi networks are highly vulnerable to online attacks and could expose your details that could be used to rob you of money, opportunity and your identify.
A hacker can rig the whole set-up at a public hotspot to his advantage and sit right in the middle of you and the WiFi, intercepting all the electronic data going back and forth.
"Once a hacker manages to get into your device, the device becomes a zombie to his command. The perpetrator can hijack your full contact book, pictures, videos stored on your mobile phone memory, emails, WhatsApp chats and other details," says Babu.
At times, hackers armed with a router can even establish a fake WiFi gateway with trusted names, making users connect to it without any suspicion.
“In a coffee shop, I can create an open hotspot with a fake WiFi login page of that coffee shop. Once unsuspecting users are connected to such honeypot, it makes them highly vulnerable to online attacks,” says Babu.
While Babu shared one or two tricks with us that could be used by hackers at public hotspots, another cyber security expert says with today's technology all it takes is a simple device for the job.
"When you access even semi-public WiFi at the lounge of an airport, there is huge risk associated with it. Criminals don't even have to hack, if they just have a device that would not cost more than $100, and sit within 10 to 15 meters of their potential targets, they can scramble all their signals," says Tobby Simon, president and founder of Synergia Foundation, a Bengaluru-based do-tank on strategic security working in the field of geo-economic and geo-security for over three decades, with affiliates in different parts of the world. He doesn't even mention his mobile number in his business card as part of safety measures.
Vinod Bhattathiripad, a computer scientist based in Kozhikode, says that a public hotspot set-up provides ample platform for hackers to perform various crimes, including launching cyber attacks against government institutions and distributing malware. Bhattathiripad has been working on cyber forensics with the police, judiciary, intelligence, and banks for over eight years now.
The cyber experts are of the opinion that the onus eventually falls on the individuals as their online safety lies in their own hands.
"The level of internet hygiene among the public in the country is very low," says Simon. He advises internet users to exercise caution while on a public WiFi.
"Internet was designed for sharing. And now when you say it is not safe sharing anything online, it goes against the DNA," he says. "What we can do is we have to make personal choices on what to share online when we are connected to a public WiFi."
Online privacy and safety is a myth. There is someone or something that would always eavesdrop and decode your activities and information online. However, internet users can reduce the damage and keep cyber criminals at bay by following some level of hygiene in their online activities. Demarcating sensitive and valuable information and keeping them off the grid as much as possible is one of the ways to safeguard yourself from cyber crimes.
"When you are on a public or unsecured WiFi do not access your social media sites like Facebook, Twitter and so on. Do not log on to online chatting. Completely avoid doing online banking, shopping and accessing your business network," says Bhattathiripad, suggesting restraining to information browsing while using such hot spots.
Tips to safely use a public WiFi network:
-Completely avoid connecting your devices to public and unsecured WiFi.
-Avoid all financial transactions.
-Avoid online shopping.
-Don't access your important emails.
-Don't share date of birth, password.
-Don't click on mails you don't know.
-Don't share confidential personal or professional details online when you are on a public WiFi.
-Be aware of your surroundings, take a look at who are sitting around you and maintain a safe distance from them.
-Make sure nobody can see your device screen or is even near you when you key-in your confidential passwords, because a cyber criminal would be able to identity these details by looking at your finger movements.
-Keep WiFi in your devices off when not in use.