Beware, Public Wifi At Airports And Café’s Are Red Carpets For Data Hackers, Says Agency

Public WiFi hotspot or wireless internet networks installed at airports and railway stations are at risk of cyber attack, government agency Indian Computer Emergency Response Team (CERT-in) has warned.

According to The Times of India report, the nodal agency for responding to computer security incidents in India has rated the vulnerability quotient of public Wi-Fi in the country at “high". The reports say that a person using public wifi or hotspot at the railway stations or at the airports are most vulnerable to cyber attacks.

“Successful exploitation of these vulnerabilities allows an attacker to obtain sensitive information such as credit card numbers, passwords, chat messages, emails etc,” CERT-in reportedly said. 

“This is very serious. Every Wi-Fi network is at risk. It works when the attacker is within the range of the Wi-Fi device, taking advantage of a flaw in the handshake between the device and the router,” Ram Swaroop, founder, CyberSecurityWorks, a Chennai-based security company, was quoted as saying. 

For the time being, the CERT team has advised people not to use any public wifi or hotspot till the issues is resolved. 

Do the following steps to be secure. 

• Avoid connecting to unsecured Wi-Fi networks, especially the ones in coffee shops, hotels, and other public spaces.

• Update your router and devices immediately (if available). Check who makes your router and visit their website to find out how to patch it.

• Avoid using a “virtual private network” (VPN) like TunnelBear.

Earlier this year in May, Ransomware WannaCry swept the world. In India the ransomware attack had hit several banks including some businesses in Tamil Nadu and Gujarat as well.

India was also on the top 10 list of countries to be hit by Petya ransomware attacks. Globally, India took the 7th spot with less than 20 organisations being affected as per the Symantec’s analysis. 

Zomato was affected by a data breach earlier this year which led to details of 7.7 million users being stolen. The company was, however, able to contact the hacker. Reliance Jio was also affected by a data breach this year.  A website called magicapk.com went up the same month allowing anyone to search for personal details of Jio customers. However, this also was taken down after the site went viral.

According to reports, India has witnessed more than 27,000 cyber security threat incidents in the first half of 2017. 

As per the information reported to and tracked by Indian Computer Emergency Response Team (CERT-In), the number of cyber security incidents reported were:

• 2014: 44,679

• 2015: 49,455

• 2016: 50,362

• 2017 (till June): 27,482