Public Wi-Fi networks: What are the dangers for your business?
Whether or not your business in Singapore has embraced the shift to flexible and hybrid working arrangements in the post-COVID-19 world, today’s employees have access to work emails and company information on their smartphones. Push-notifications have meant that many will be tempted to check their emails and send quick replies when they’re on the go, and chances are this will be done over free, public Wi-Fi networks.
Far from harmless, public Wi-Fi networks pose many risks for businesses. As these networks are typically unsecured, they’re more likely to result in cyber attacks and data breaches, which can have massive financial and non-financial repercussions. In fact, a key change to Singapore’s Personal Data Protection Act (PDPA) means that fines for data breaches can be up to 10% of annual turnover in the city-state or SGD $1 million, whichever is higher.
On this note, Pacific Prime Singapore will share with you some of the risks associated with using public Wi-Fi, and the steps your employees can take to mitigate the risks.
6 risks of using public Wi-Fi networks
The risks of using public Wi-Fi networks is a type of cyber risk, which is increasing due to the COVID-19 pandemic. The following goes over some risks to be aware of, as it’s important to understand the risks before you can attempt to mitigate them. Be sure to communicate these risks to employees as well via training programs.
Encryption helps keep information secure online – turning the information into code to avoid it being accessed by attackers. A secure wireless network encrypts all the information sent using the network. If employees use an unsecured public Wi-Fi network to log in to an unencrypted site, others users who use that network can see what employees see.
Tip: Most public Wi-Fi networks don’t encrypt information sent using the network. A sign that the network is unsecure is if it doesn’t require a WPA or WPA2 password.
2. Rogue Wi-Fi networks
A rogue Wi-Fi network could be set up by an attacker. For example, setting up one Wi-Fi network at a cafe titled ‘Free Wifi’. Once your employee signs into this network, the attacker can not only see what the employee sees, but they can also jump in and alter what the employee sees and gather sensitive company information.
3. Man-in-the-middle attacks
A man-in-the-middle (MitM) attack is when an attacker intercepts communication between two parties to eavesdrop secretly. When a device connects to the internet, data is sent from that device to a service or website. That’s when various vulnerabilities can enable an attacker to get in the middle of these transmissions and see them all.
A portmanteau of ‘malicious’ and ‘software’, malware is a piece of software (worm, virus, trojans) that can be delivered to your employees’ device in a number of ways, including through unsecure Wi-Fi networks. The infected software can then be used to gain access to sensitive company information on your employees’ device.
5. Worm attacks
A worm is a type of malware. It can make copies of itself from one device to another device. It can replicate itself without human interaction. What’s more, it can also cause damage without needing to attach itself to a software program. Employees connected to a public Wi-Fi are at risk of a worm attack, which leaves sensitive company information vulnerable.
6. Ad hocs
Ad hocs are peer-to-peer (P2P) networks that connect two devices directly. Typically, they use the same channels as Wi-Fi connections. When your employees use public Wi-Fi networks, their devices will most likely be set to discover new networks. Attackers can directly connect and gain access to employees’ devices if they’re within range.
Precautionary measures for connecting to a public Wi-Fi network
Given the risks associated with using public Wi-Fi networks, it’s advisable to avoid connecting to them altogether and connecting to one’s mobile hotspot instead. If your employees need to work on the go, it might be worth subsidizing their mobile phone bill to encourage them to be liberal with their mobile phone data. That being said, it may not always be possible to avoid connecting to public Wi-Fi. In which case, employees can:
- Make sure all devices are covered by good anti-malware software;
- Have a firewall enabled at all times;
- Turn off Wi-Fi auto-connect settings and Bluetooth discoverability settings;
- Connecting to a VPN for added security;
- Convert to the more secure version of Hypertext Transfer Protocol Secure (HTTPS);
- And more.
Secure cyber insurance via Pacific Prime Singapore today
In the unfortunate circumstance where your sensitive company information is leaked or if you’ve become a victim of cybercrime in Singapore, you’ll need to report the cybercrime. In many cases, it can pay to have a cyber insurance solution in place. This type of insurance safeguards your business from potential cyber-related losses, as it has benefits for extortion, forensics, and notification costs to clients following a breach.
Looking for robust cyber insurance in Singapore? As a global insurance brokerage, Pacific Prime Singapore has a range of business insurance solutions for your company, including cyber insurance plans. We have been in the sector for over two decades now, and are experts in helping companies identify business risks, as well as design and implement tailored solutions.
To learn more about our business insurance solutions, please arrange a consultation with our corporate team today!
- Singapore ranks near the top in Nikkei’s COVID-19 Recovery Index - July 16, 2021
- How to network effectively during the COVID-19 pandemic - July 9, 2021
- What are the most in-demand jobs for expats in Singapore? - July 2, 2021