As many as 7,176 of around 32,000 public Wi-Fi networks in Fifa World Cup 2018 host cities have not been using traffic encryption, according to Kaspersky Lab research. This makes them potentially unsafe for use, and fans should take care of their personal data, especially while using open Wi-Fi connections around the Fifa World Cup games.
Global events always result in a concentration of people connecting to networks to upload posts, stay in touch with loved ones and share the fun with others.
However, at the same time, these networks can be used to transfer financial and other valuable information across the internet. And it’s this information that third parties — not necessarily criminals — can intercept and use for their own purposes.
Kaspersky Lab’s findings are based on an analysis of public Wi-Fi spots in 11 Fifa World Cup 2018 host cities including Saransk, Samara, Nizhny Novgorod, Kazan, Volgograd, Moscow, Ekaterinburg, Sochi, Rostov, Kaliningrad and Saint Petersburg. The results show that so far not all wireless access points have encryption and authentication algorithms — aspects that are essential for Wi-Fi networks to remain secure. This means that hackers only need to be located near an access point to intercept network traffic and get confidential information from unwitting or unprepared users.
Unreliable networks
The three cities with the highest percentage of unreliable Wi-Fi networks were found to be Saint Petersburg (37 per cent), Kaliningrad (35 per cent) and Rostov (32 per cent). In contrast, the safest places were relatively small towns — including Saransk (only 10 per cent of Wi-Fi spots are open) and Samara (17 per cent of Wi-Fi spots are open).
Almost two-thirds of all public Wi-Fi networks in these locations use the Wi-Fi Protected Access (WPA/WPA2) protocol family for traffic encryption, a protocol which is considered to be one of the most secure for Wi-Fi use. Still, it should be noted that even reliable WPA/WPA2 networks can allow brute-force and dictionary attacks, as well as key reinstallation attacks, meaning they are not absolutely secure.
