27 October 2016
A Skycure map (inset), which is still being beta tested, shows Wifi hotspots that may be insecure. Photos: HKEJ,
A Skycure map (inset), which is still being beta tested, shows Wifi hotspots that may be insecure. Photos: HKEJ,

Some free govt WiFi spots expose users to risk of data theft

A handful of the government’s more than 500 free WiFi service spots across Hong Kong are insecure, Apple Daily reported Tuesday, citing test results from Israeli mobile network security firm Skycure.

Free WiFi services provided by the government at City Hall and areas near the People’s Liberation Army Hong Kong Garrison headquarters, the Hong Kong Convention and Exhibition Centre, Victoria Park, Nathan Road in Tsim Sha Tsui and the old Stanley police station were listed as potentially problematic in Skycure’s monthly testing results.

The free WiFi services at Hong Kong International Airport and the International Financial Centre, as well as those in Mongkok offered by telecom service providers could also pose risks.

The Office of the Government Chief Information Officer said the necessary security and monitoring measures are taken with all the government’s free WiFi services, so as to minimize the risk of data leaks.

Skycure said its testing service is still in a test stage and that its data may not be 100 percent accurate.

The Airport Authority said users of its free WiFi service should take measures to ensure the security of their devices and data.

Ocean Park, which will start offering its customers free Wifi service in the fourth quarter, said there were no reports of hackers setting up fake WiFi networks in the theme park.

It will, however, remind customers to take care to select the official network when the service is rolled out later.

Hong Kong Consumer Electronics Alliance president Francis Fong said the security levels of many free WiFi networks may be low, making it easier for hackers to steal users’ data.

The hackers could use software to unlock encrypted data.

Another trick often used by hackers is phishing, in which they set up a fake WiFi network using a laptop computer and a few other simple tools.

Users of the fake Wifi network could have their data exposed to the hackers.

– Contact us at [email protected]


EJI Weekly Newsletter