Threats at Public Hotspots

Germany is reported to be increasingly left behind in terms of digitization in public spaces. The reason: There are just not enough hotspots available. A political decision has now been taken to abolish any “disturber“ liability (“Störerhaftung” under German law). This means, the door has been closed for any business models based on cease and desist letters. This will pave the way for more free hotspots in cafés, at airports, train stations and hotels.

Many professionals frequently use free Internet access in remote locations, especially when they travel, making them easy targets for hackers. And while most encrypt their private Wi-Fi to ensure data protection and IT security related to corporate network access, they seldom take the same precautions when surfing the Internet or checking email from public hotspots.

Using public hotspots without protection poses extremely high security risks.  Most public hotspots are – and probably will remain – unencrypted and the majority of common webmail systems forego consistent use of HTTPS. With appropriate tools, freely accessible and easy to obtain, it is far too easy for hackers to interpose themselves between user and access point or replace the login page with a fake look-alike website. This spoofing method provides free reign to access emails or the browsing history, obtaining sensitive corporate and customer data worthy of protection or spreading malware without being noticed.

Despite the dangers, employees on business trips often rely on public hotspots to connect with the office, access email and surf the Internet. A VPN provides additional security through encrypted communications and secured connections to the corporate network. Intercepting such communications and decrypting the data involves significantly greater effort which, at least, prevents easy pickings.

In particular, NCP's new hotspot logon can also eliminate the last remaining security concerns. Via the VPN client, the user is presented an overview of the available Wi-Fi hotspots. For security reasons, the client starts a web browser with reduced features. The client firewall only permits access to the hotspot logon website. The biggest advantage of this procedure is that the user is not required to – and cannot – change the security settings.

Thanks to a unique solution, the NCP Path Finder Technology, the second big hurdle at public hotspots will fall: the blocking of the IPsec communication. NCP's Secure Client automatically recognizes if the company's VPN gateway is not available via IPsec. In this case, the client software automatically switches to a modified mode. Through this technology, highly secure VPN connections are possible everywhere – even if internet access is restricted.