Simon Clayton, chief ideas officer at RefTech, reminds us that public wi-fi is not always as secure as it seems…
Walk past any café or coffee shop and you will see them – the freelancers and homeworkers that are using their local coffee shop as their office.
The so called ‘gig economy’ has encouraged us all to work in a more flexible way and some reports are saying that we will all be embracing the coffee shop working culture in ten years time. Our industry is full of freelancers – the very up and down nature of exhibitions lends itself to people who can work when needed and move on to their next project when not.
But this rise in public working also means that more of us are using public Wi-Fi for work purposes. Free Wi-Fi is now a given in the majority of public spaces – there was even a campaign a few years ago to encourage venues to have free Wi-Fi.
But when you happily log onto your coffee shop Wi-Fi, have you ever considered exactly what or who you are connecting to? It’s incredibly simple for a hacker to set up a free Wi-Fi connection with a legitimate sounding name such as ‘Free Customer Wi-Fi’ and then wait for you to connect.
Once you do, they will be able to see a lot of the data and metadata that your computer transmits. Metadata is information about the data – so even if you’re using HTTPS web pages, the attacker can see the URLs of pages you’re visiting and the URLs of any images on the page (plus other stuff).
These sorts of hacks are called ‘Man in the Middle’ attacks (or MITM for short) and although they are still rare they are incredibly easy to perpetrate with a device that does exactly this being available for around $99 online.
If you are working on a high profile or politically charged exhibition or even sending sensitive information by email you need to be extremely careful. Even if your events are more run of the mill, a MITM attack may be able to read emails you are sending and retrieving which would be a serious worry!
There is a relatively simple way to avoid this by subscribing to a VPN service (Virtual Private Network). A VPN creates a private and encrypted tunnel through which all of your computer’s data will be sent – away from the snooping eyes of anyone looking in. A VPN subscription is around £5 per month so it’s a low-cost solution to a potentially very damaging issue – I personally use NordVPN.
A recent campaign in the press highlighted the dangers of people looking over your shoulder at your laptop whist working in public, but to me, MITM attacks are a more significant and dangerous threat to businesses because they’re much harder to see.