Cyber security tips for a hacker-free winter holiday
Tue 24 July 2018 - 5:21 pmSecurity | Tech
It’s school holiday season and thousands of Australian households are hitting the road or packing their passports for some rest and recreation.
Most won’t be planning to make their break a digital detox, given research by The Australia Institute in 2016 showed three in five of us check work emails when we’re officially out of office and off on holiday.
Separating children and young people from their screens can also be tough and access to Wi-Fi can equate to peace and quiet for mum and dad.
For many families, monthly data allowances on smart phones are unlikely to go the distance when they’re away from the home network and seeking out public Wi-Fi can be an imperative for those who don’t want to rack up big bills.
But while lobbing up and logging on to the free network at your accommodation or in the local café or shopping centre can seem like a smart solution, it can also be a way to say goodbye to important private information.
The reason? Hacking Wi-Fi is a relatively easy process and tricking people into connecting to a fake free Wi-Fi network is even easier. The latter is done by setting up what’s known as a ‘fake captive portal’.
A fake captive portal looks like a legitimate free network and may have a similar sounding name but, when you log on, any personal information you submit – think email, banking and social media passwords – can be intercepted and sold on for profit.
Planning ahead and taking a few simple security measures can reduce the risk of you and your family being ‘cyber-mugged’ these holidays.
Here are some tips for keeping the tribe safe.
Spot the fake
Every Wi-Fi network has a Service Set Identifier (SSID). It’s the technical term for a network name. Alarm bells should ring if you have the option to connect to multiple variations that look almostthe same – Fawlty Towers, Faulty Towers and Faulty Tower, say. One is likely to be legitimate; the others probably not.
Confirming which is the real deal can be as simple as checking with staff on the reception desk at your hotel, motel or apartment complex, or with the proprietor of the café or business supplying the service. It’s also worth enquiring whether they offer an encrypted Wi-Fi network which requires a password to access. If the answer’s ‘yes’, use that, rather than the insecure ‘open to all comers’ service.
Keep it private
Australia’s privacy laws changed recently and businesses of all sizes now face steep financial penalties if they’re not diligent about protecting their customers’ personal data and taking prompt steps to remedy any suspected breach. There’s an easy way to ensure you don’t become ‘that person’ – the one who accidentally allowed the customer database to become public information. Disable the public Wi-Fi log-in on your phone before you check work emails or access company systems, do the needful using your phone’s data allowance and double check you’ve logged out of everything before switching back to the free service.
Bank on it
You should be equally defensive when accessing your own sensitive information. If you’re an online banker and need to check your accounts, doing so via a public network can be the cyber-equivalent of standing in a shopping centre and shouting out your PIN. Taking similar precautions online as you would in real life means confining financial transactions to the security of your phone’s data connection not taking a peek at your balance courtesy of the café Wi-Fi while you wait in line for a latte.
Saving Wi-Fi network names makes it quicker to connect next time you need to go online but this may be a convenience you’re better off doing without, at least when you’re far from home. Clearing saved names from phones and devices and disabling the auto-connect feature means you won’t log on to any dodgy networks you’ve unwittingly visited in the past.
Install a VPN
A Virtual Private Network (VPN) is networking software that enables a mobile device to connect to another secure network via the internet and send and receive data safely. If you regularly use your smartphone to access secure or sensitive information, whether your own or for work purposes, it can be technology that’s well worth investing in.
Mark Sinclair was appointed ANZ Regional Director for WatchGuard Technologies in December 2017. In this role, he is responsible for expanding the company’s market presence in Australia and New Zealand, overseeing new revenue opportunities, and managing local customer and partner relationships. Mark has more than 20 years’ experience in the IT industry working for organisations including Oracle, Trend Micro, Tenix and Baltimore Technologies.