![[July 6 and 7] DX realized by content cloud, advanced platform for business transformation](https://website-google-hk.oss-cn-hongkong.aliyuncs.com/drawing/article_results_9/2022/3/9/6bbafe438d78271513761788166cbf94_0.jpeg)
ESET Mobile routers are definitely not safe
This article is a mobile router published in the "Malware Information Bureau" provided by Canon IT Solutions!?It is re-edited what to be aware of when using Wi-Fi outdoors.
First, let's review the Internet connection mechanism using mobile.
Here, in order to consider mobile connections outside the office, the subsequent explanations are assumed to be wirelessly connected.Basically, wireless connection to the Internet is as follows.
First of all, except for the connection method called the "stray Wi-Fi" described later, it may be considered that connecting after access points is safe.To put it simply, public Wi-Fi and mobile routers use lines with high-level security measures.However, be aware that even if the safety of the line is high, if the communication content is not encrypted, there is a risk of "peeping".This point will be explained later.
First, let's explain the connection of "terminal → access point".The main ones are "Public Wi-Fi", "Nora Wi-Fi", and "Mobile Wi-Fi", all of which are connected to access points.
・ Wi-Fi service provided by public institutions and stores.It will be accessed using the SSID and password set by the provider.If an unspecified number of users use the same Wi-Fi, it is necessary to pay attention to the risk of "peeping" communication.
・ Public Wi-Fi (Paid Wi-Fi) Public Wi-Fi has a paid version provided by a mobile phone company as well as “free Wi-Fi”.Like free Wi-Fi, it will be accessed using the SSID and password set by the provider, but the line speed is stable compared to the free one.In the case of free Wi-Fi, there are many users and the line speed is often low, but it is said that a paid version often speeds up relatively stable.On the other hand, what I want to keep in mind is the security at the time of connection.Even if it is a paid version, in principle, free Wi-Fi and security level are different.Therefore, a "countermeasures to prevent peeping" will be required later.Also, depending on the OS settings, you should not forget that there is a risk of invasion into your computer.
・ Wi-Fi In many cases, “Nora Wi-Fi” often refers to its own Wi-Fi network that malicious users set up for “peeping and invasion”.However, there are not many Wi-Fi, which is not well managed by the provider due to inadequate management.In any case, it is necessary to pay attention to the fact that access using this method is much higher than the public Wi-Fi, which is much higher in the risk of "peeping" or "fraudulent invasion".The basic measures that the user can take is that they do not access stranger Wi-Fi, but be careful because some malicious things that use the same SSID and password as the public Wi-Fi.I want.
・ Mobile Wi-Fi (including tethering on smartphones) How to connect to the access point via a mobile router terminal and Wi-Fi. This is the safest connection to the three Internet. However, it is assumed that only the user who uses the SSID and password of the terminal to be used can be known. If you use a password that is easy to guess, it may be used by another user called "free ride". Recently, it is said that more and more malicious actions are being used using this "free ride". If you are involved in such actions, there is a risk that you will be treated as a criminal even if you do not remember at all. Therefore, the password should be a difficult character string. If you share your terminal with others, it is desirable to change it each time after use. Mobile routers used in the office are often used by multiple employees, so let's set up rules, such as updating your password in a certain period of time.
Unless the password is known to other users, it is a connection with high safety, but as described later, it should be kept in mind that there will be danger depending on the connection method.
Safety is different depending on the connection method!? Three connection methods with mobile routers
As mentioned earlier, a connection that uses tethering via a mobile router or a smartphone can be considered to be more secure than other connection methods, and it can be considered security.There are three ways to connect with a mobile router, each with its own characteristics.
・ The most used mobile router connected to "via Wi-Fi" is via Wi-Fi.The main reason is that the line speed is stable, and the connection method is easy for recent laptops and tablets.However, since the SSID used is displayed on the connection screen of the terminal, if a malicious user knows the password linked to SSID, there is a danger of being "free".
・ Because the connection Bluetooth connection in "Bluetooth" is assumed to be pairing (one -on -one relationship), it is unlikely to be used by others, so it can be used with confidence.In recent years, the speed of communication standards has improved speed, but it can hinder browsing videos, not the ratio of Wi-Fi.However, there are many cases where business use is mainly used, such as exchanges via email, chat tools, and Internet connections rather than browsing videos.In such a case, this safe connection method is recommended.
・ Connection via USB connected with USB cable directly, connecting devices such as mobile routers, smartphones and laptops, and high communication speed and safety.However, some terminals such as Android are shaken on the terminal where the global IP is connected when connected to the bridge, and the security function of the mobile router does not work.Shaking global IPs can be identified from the outside, which leads to an increase in the risk of invasion.
Also, since a physical cable is required, if you forget to hold it, you will not be able to select it as a connection method.I want to keep a backup, such as putting a spare cable in the side pocket of a business bag.
Encryption of communication content that you want to be aware of when connecting with a mobile router
As mentioned earlier, when using public Wi-Fi, etc., both paid Wi-Fi and free Wi-Fi have the risk of "peeping".And it is not zero even if you use a mobile router.For business use that often handles highly confidential information, it is a desirable measure to reduce the risk by encrypt the communication content itself.VPN is a method of encrypting the communication content on all routes via the access point, the Internet, from mobile devices such as laptops and tablets.
・ VPN VPN is an abbreviation of Virtual Private Network, which is a “virtual dedicated line”.The "dedicated line" is technically realized by software, creating a safe situation by exchanging encrypted data via the VPN server.However, depending on the type of protocol to be connected, it is not safe, so be careful when selecting a VPN service.In addition, there are services that provide VPN free of charge in smartphone applications, but it is not recommended because the provider may not deny the possibility of any information.
・ SSL Recently, Google's recommendation has been recommended, and the number of SSL -adopted websites that encrypts the interactions in browsers has increased rapidly, and in the summer of 2018, it has exceeded 50%of the total.What URL starts with "https" is a website that uses SSL connection.SSL cannot be set by the user side, but it can be determined whether the display on the search results page starts with "https", so check whether the SSL is connected, including the address bar when using the Internet.It would be nice to keep it.
SSL has three server certificates, "DV", "OV", and "EV".In each case, although the encryption of the communication content is guaranteed, there is a difference as follows.
"DV" ... Proof that only the domain is managed "OV" ・ ・ ・ Proof that there are organizations such as companies that manage domains ... In accordance with the guidelines of each certification bureau,Strictly prove that the organization exists
In short, the "EV" certificate, which is authenticated after a strict screening, is said to be the most reliable, depending on whether the website provider really exists with higher accuracy. That's why EV certificates are used on a security website, such as financial institutions. In the case of a website where the EV certificate is installed, the main browser has a mark that means safety is displayed on the address bar. In recent years, the number of cases in which a phishing fraud is disguised as a famous website such as a financial institution, or using a method that is hard to distinguish from a different URL just by looking at a "homole attack" is increasing. In order not to suffer such damage, we want to check the address bar each time in cases where important information is entered.
summary
As we have seen so far, communication in tethering via a mobile router or smartphone is relatively secure in terms of security.However, if you do not manage your password properly, there is a risk of "free ride", and it will further enhance safety by applying complex measures such as encrypted communication contents.
Be sure to keep in mind that the data you exchange is always dangerous when using the Internet connection.In particular, crime tricks have been sophisticated recently, and tricks that apply technology omissions have appeared one after another.It is impossible to completely remove the danger in the Internet environment so that there is no possible security measures.On this premise, it is desirable to reduce risk by comprehensive measures such as consideration for operation aspects, such as devising data transmission and reception methods.