Over a Fifth of Public WiFi Networks In World Cup Cities Do Not Use Encryption

The world’s most popular sporting event is mere days away. The 32 competing nations are running their final drills in friendly games. Millions of fans are already daydreaming about the clashes. At the same time, a few but dangerous number of individuals are fretting their hands, waiting to pounce on unsuspecting victims.

The FIFA World Cup 2018 is set to take place in Russia, starting on June 16. Thousands of people are already flocking to the host cities, bringing along with them heaps of connected devices. Naturally, the vast majority of those will be relying on public WiFi networks, a ground notoriously suspect to hacking.

Kaspersky Lab, a multinational cybersecurity company headquartered in Moscow, recently analyzed public Wi-Fi spots in the 11 FIFA World Cup 2018 host cities – Saransk, Samara, Nizhny Novgorod, Kazan, Volgograd, Moscow, Ekaterinburg, Sochi, Rostov, Kaliningrad, and Saint Petersburg – and the results are far from reassuring. Here’s what they found out.

The research showed that so far not all wireless access points have encryption and authentication algorithms, a particularly troubling observation that means that hackers only need to be located near an access point to intercept network traffic. They found that 7,176 of approximately 32,000 public Wi-Fi networks in he World Cup, or 22.4%, did not use traffic encryption.

The research also showed that Saint Petersburg, Kaliningrad, and Rostov were the riskiest cities, with the highest percentages of unreliable Wi-Fi networks. In contrast, the safest places turned out to be relatively small towns, such as Saransk, which only has 10% of its WiFi spots compromised, and Samara (17%)

And only roughly two-thirds of public WiFi networks use WiFi Protected Access (WPA/WPA2), a protocol considered to be one of the most secure.

Kaspersky also issued a number of recommendation, here they are:

  • Whenever possible, connect via a Virtual Private Network (VPN). With a VPN, encrypted traffic is transmitted over a protected tunnel, meaning criminals won’t be able to read your data, even if they gain access to it.
  • Do not trust networks that are not password-protected, or have easy-to-guess or easy-to-find passwords.
  • Even if a network requests a strong password, you should remain vigilant. Fraudsters can find out the network password at a coffee shop, for example, and then create a fake connection with the same password. This allows them to easily steal personal user data. You should only trust network names and passwords given to you by employees of the establishment.
  • To maximize your protection, turn off your Wi-Fi connection whenever you are not using it. This will also save your battery life. We also recommend disabling automatic connections to existing Wi-Fi networks.
  • If you are not 100% sure the wireless network you are using is secure, but you still need to connect to the Internet, try to limit yourself to basic user actions such as searching for information. You should refrain from entering your login details for social networks or mail services, and definitely do not perform any online banking operations or enter your bank card details anywhere. This will avoid situations where your sensitive data or passwords are intercepted and then used for malicious purposes later on.
  • To avoid being a target for cybercriminals, you should enable the “always use a secure connection” (HTTPS) option in your device settings. Enabling this option is recommended when visiting any website you think may lack the necessary protection.