Let the (Hacking) Games Begin: Reducing Risks on Public Wi-Fi Networks During the Games


The 2012 London Olympics are (so far) meeting the expectation of being the most connected Games ever, for better and for worse. Viewers and attendees of last Friday’s opening ceremony shared their thoughts real-time on the polarizing event, with 97% using Twitter as their social media engine of choice. Twitter users were blamed for a total network jam-up during a road cycling race this past weekend, and users and media are anxiously watching the networks near the Olympics to see if they can handle traffic equivalent to “four royal weddings per day for 17 consecutive days,” according to one Olympics spokesperson.

Most social media users at the Olympics – and any other high-traffic event – aren’t likely to save their posting for only “urgent updates” as a spokesperson for the Olympic Broadcasting Service suggested. Mobile device users are going to be looking for the nearest available Wi-Fi hotspot to get online, and may not be aware of potential hackers lurking on these open networks.

Today, IDG Connect published a byline penned by our own Christian Gunning with some tips for using public Wi-Fi networks at the Olympics, or any other high-traffic location. These tips should hopefully help spectators come home with great memories, and not unwanted souvenirs like hacked personal accounts.

Check it out below:

Let the (Hacking) Games Begin: Reducing the Risk of Cyber Attack on Wi-Fi Networks During the Olympics

Source: IDG Connect 

All of the pundits agree: the 2012 London Olympics are set to be the most connected and social in history. An estimated five million visitors are expected to attend the games, and most are expected to be toting their smartphones, tablets and other mobile devices.

Though the city has prepared for this mobile onslaught by adding thousands of hotspots in the London area and Olympic Park and increasing overall bandwidth available for mobile networks, LOCOG still expects demand for bandwidth to outpace availability, resulting in slow and potentially unavailable networks, pushing many mobile users to the nearest usable hotspot.

The influx of connection-hungry visitors, skyrocketing mobile traffic and new hotspots means one thing for hackers: the Olympics are a golden opportunity for exploitation and data capture.

Crafty data thieves can set up “evil twin” access points that look like the real thing but are really man-in-the-middle attacks on end users that funnel all traffic through a computer that is capturing personal data being sent online. Even the laziest hackers can use tools like Firesheep for one-click access to a user’s personal info on commerce and social networking sites allowing nefarious characters to sidejack user sessions. More aggressive hackers can even take up residence on a busy public Wi-Fi network to install malware to scan for private information.

Keeping data secure during a high-traffic event is the responsibility of both the network operator and mobile device users. A well-managed network can mitigate threats to users, and users can surf smart by taking just a few simple steps.

 What Operators Can Do to Reduce Risk

  • Disable peer-to-peer traffic: Disabling LAN-based peer-to-peer traffic can prevent hacker snooping of local resources, as well as malicious or inadvertent communication between users. It can also prevent hackers from using manual or automated probes and worms from spreading.  By focusing on the local network, there is no impact on WAN-based peer-to-peer technologies like Skype or IM, and it has the added benefit of crippling simple tools like Firesheep.
  • Block incoming connections: Using a network firewall to prevent arbitrary incoming connections can help prevent users from being exposed to hackers probing for weaknesses.
  • Monitor for rogue access points: Managed network providers can prevent “evil twin” networks from cropping up by monitoring for unauthorized access points that try to come online using the designated network identifiers. Network providers can use a denial-of-service counterattack to move users who have unwittingly signed on to an evil twin network back onto the legitimate network and shut down the exploit before it starts.

Steps Users Can Take to Stay Secure

  • Use a VPN: Mobile users who are in hurry to share a final score or a photo, and who are used to using protected connections at work and at home, can easily forget this simple preventative measure. Securing all connections on public networks via VPN will encrypt all user communications – indeed this can thwart both man-in-the-middle and Firesheep attacks, among others. Many personal VPN services are available for a small fee, while others, like Boingo’s Secure VPN for iOS devices, are available free for customers.
  • Secure connections: Most popular services – like Twitter, Facebook and Gmail – can be configured to connect using a secure method. Five key letters to remember when logging on to a website on a public network: HTTPS.  Beyond configuring each of your key web services to default to SSL-encrypted sessions, you can also use third party browser extensions like HTTPS Everywhere from the EFF to force SSL when it’s available.
  • Update passwords: Users can improve their odds of staying secure by creating complex temporary trip passwords and changing them every few days while traveling.
  • Surf smart: Though checking the bank balance might be a top to-do at the Games, users should avoid logging into financial, healthcare or other personal sites on public networks, period.
  • Use a trusted Wi-Fi provider: If possible, users should try to connect to a network managed by a trusted Wi-Fi provider. BT is the official communications provider for the Olympics, with hotspots deployed in and around London and Olympic venues, and has agreements with companies like O2, Boingo and Tesco Mobile to allow their customers to roam onto their networks. Mobile users should check to see where their provider has hotspots in the area, or for the venue’s official Wi-Fi SSID, before they head to the Games for the day.

Though data traffic and social engagement during the Games is sure to be overwhelming, hotspot operators and mobile users can reduce their risk by staying aware and taking these necessary precautions.

About Melody Demel

Melody is Senior Manager, PR for Boingo Wireless, where she is responsible for media relations, brand building and thought leadership initiatives. Melody is a die-hard Nebraska Cornhuskers fan and retired NCAA DI college field hockey player.
This entry was posted in Boingo, Featured, Technology, Travel and tagged , , , , , , , , , , . Bookmark the permalink.

Comments are closed.