In today’s mobile world, the average consumer and employee expect to be connected to the Internet no matter the time of the day and place: at home, at work, in the park, at the coffee shop, at the airport, in a shopping centre, or on the go. To meet users’ demand, public WiFi has rapidly become a standard offering for businesses of all types.
Unfortunately, by deploying public hotspots that aren’t secure, many organisations unwittingly put themselves and their customers at risk. This is often the case with small-to-medium sized businesses, who want to offer free WiFi services, without the hassle of investing in comprehensive security solutions.
What are the real risks and implications for businesses that don’t have protection in place to secure their WiFi hotspots?
Cyber criminals are increasingly looking at guest WiFi to perpetrate their crimes because they know most of them aren’t secure, and it is very easy to take advantage of the vulnerabilities associated with unsecured networks.
And among the things they are targeting is what we call DNS (Domain Name System), which is a common protocol computers use to exchange data on the Internet. Most businesses – without often knowing it – use DNS protocols to connect to the Internet. By not securing their public Wi-Fi, the doors are wide open for DNS attacks, putting their data and customers’ data at high risk.
Although the DNS is quite robust, it was designed for usability, not security, and the types of DNS attacks in use today are numerous and quite complex. DNS attacks enable hackers to view browser history, gain access to login information, redirect searches to malicious pages, and potentially take over connected devices.
Webroot’s latest research report revealed a cyberattack on an Australian business with 100 to 499 employees would cost on average AU$1,893,363. It’s clear from this statistic alone, that without investing in appropriate DNS protection tools, small businesses expose themselves to more than just a set of stolen data.
Reputational damage is also a significant issue often underestimated by small business owners. Once the information that your business has fallen vulnerable to an attack is made public, the goodwill of your company and trust you’ve built up with your customers over years is lost in an instant. Especially if the hack was perpetrated through a public Wi-Fi hotspot, which your customers trusted.
By investing in high levels of WiFi hotspot protections and restricting access to malicious, suspicious, or otherwise unwanted websites, such as gambling, shopping or streaming, SMBs can ensure users and devices that connect to their network – and the data they hold – won’t be compromised.
The next article in this two part series will outline best practice tips on ways SMEs can secure their WiFi hotspots, stopping attacks by blocking malicious activity at the time of request, before it jeopardises networks, endpoint and mobile devices.
Dan Slattery, Senior Information Security Analyst, Webroot