Almost one-quarter of the WiFi networks in use around Olympic Games venues in Rio de Janiero are insecure.
In the lead-up to the Olympic Games in Rio de Janeiro, Kaspersky Lab analysts and researchers mapped and assessed the security of the WiFi networks visitors will encounter. More than 4 500 single unique access points were discovered in areas near Olympic Games venues – and 18% of WiFi networks tested were open. This means that the data sent and received through them is not encryption-protected and can therefore be compromised.
When we travel, we typically need an Internet connection to share photos on social networks, communicate with family members or order a taxi. However, international roaming data plans are usually very expensive, which is why alternatives are sought, such as WiFi hotspots that are free or more affordable than roaming.
Cybercriminals are aware of such needs and configure fake access points or simply compromise legitimate networks to intercept and manipulate the data being transferred. Open and misconfigured Wi-Fi networks are currently favorited among criminals since these allow them to steal passwords, credit card details and other user sensitive data.
Analysts from Kaspersky Lab conducted research around popular areas, specifically the Brazilian Olympic Committee, the Olympic Park and the Maracana, Maracanãzinho and Engenhão stadiums and mapped the available Wi-Fi networks that visitors will encounter.
Running fast reconnaissance over a period of two days, the analysts discovered more than 4 500 single unique access points in areas marked with a star in the map above. Most of these use the modern 802.11n-hardware that is ideal for working with multimedia since it offers speeds of up to 600Mbps.
When analysing their security, Kaspersky Lab analysts found that 18% of Wi-Fi networks tested were open – which means that the data sent and received through them is not encryption protected. Additionally, it was discovered that 7% of them use WPA-Personal, an algorithm currently considered obsolete which can easily be compromised.
“This is especially concerning as users who connect to these networks may believe their information is protected, when in reality, these networks can be compromised allowing criminals to carry out different types of attacks to manipulate the traffic and user data being exchanged through them,” says Dmitry Bestuzhev, head of research and analysis for Kaspersky Lab Latin America.
In total, 25% of all WiFi networks in areas where Olympic competitions are set to take place in Rio de Janeiro were found to be unsafe or configured with weak encryption protocols that may be easily compromised and manipulated by cybercriminals to steal users’ personal and financial information.
“It is possible to use open Wi-Fi networks and still navigate the web safely. However, the use of a VPN (Virtual Private Network) is necessary. We recommend using this technology regardless of the Internet connection you use while traveling as the info going to/from your device will be encrypted. Even if someone is able to compromise the WiFi network, they won’t be able to access your data without knowing the key to decrypt the message,” notes Bestuzhev.
Before using a VPN connection, it is important to make sure these prevent DNS leak issues. The easiest way to ensure this is to look for providers that maintain their own servers or use software for this function, such as DNSCrypt to encrypt DNS requests. This may seem like a small detail, but such leaks can become a major security problem. Do not trust any connection outside of home or work as it is not possible to know whether or not these connections are compromised.