The security risks of using Wi-Fi on the Tube
The arrival of widespread public Wi-Fi access across London Underground has been broadly welcomed by the general public, particularly those with smartphones and tablets who want to maintain internet access inside stations in order to continue to use their devices.
Following a successful trial during the 2012 London Olympics, the service has expanded rapidly to cover over 100 Tube stations across the capital. Commuters, tourists and casual travellers now have the ability to remain connected and contactable across large parts of the Underground network, 45 per cent of which is out of the reach of mobile phone signals.
However, the use of any open, public Wi-Fi connection poses substantial risks to data and device security. The advent of Bluetooth a few years ago saw the growth of Bluejacking, where open Bluetooth connections on handsets were hijacked or bombarded with unwanted messages. Widespread use of Wi-Fi-enabled devices in a small enclosed area such as a Tube platform risks the devices and their related data traffic being targeted by opportunist hackers.
While the increased open use of high-value devices on the Tube runs the secondary risk of increased physical theft of devices, all potentially compromising work email accounts, VPN connections and any work-related data stored or accessed on the devices.
“While this is a useful and welcome service for passengers, the open public Wi-Fi service offered on the Tube network is akin to those found in coffee shops and other public places. There is no encryption in place so your wireless data could be intercepted by anyone that may have inexpensive “Packet Sniffing’ software installed,” warned Phil Bousfield, GM IT Operations at GFI Software.
“The growth in smartphones and tablets running the likes of iOS, Android and BlackBerry OS has instilled an often false sense of security in users, who feel these devices are not subject to the same security threats as a conventional Windows desktop or laptop. However, malware writers are increasingly turning their attention to mobile platforms, with all devices increasingly at risk of physical or wireless data theft. Whilst Wi-Fi on the Tube is potentially good for productivity, its use should not be encouraged at the expense of information and personal security,” Bousfield added.
Alarmingly, around 170 smartphones a day are being reported stolen in the capital, and the Metropolitan Police has already issued warnings to commuters and pedestrians around Tube stations where the number of smartphone muggings have grown by up to 400 per cent in just a year.