Do you ever have long commutes? Are you ever annoyed by the constant cutting out of signal? Would life not be made so much easier if they just has wifi on the trains? From 2017 free WiFi will be rolled out across a number of UK train operators, thanks to the Department for Transport’s £50 million initiative to increase WiFi on trains. You could soon go from Bournemouth to Newcastle without fear of not being able to scroll through Instagram due to poor signal.

The Department for Transport (DfT) is currently running a program whereby the department will offer funding to train operators to launch projects in order to implement WiFi on trains. With recent demos showing the way in which insecure WiFi hotspots can lead to those accessing the network being targeted with ransomware, Intel Security launched a Freedom of Information request on the DfT to find out whether it is setting up mandatory guidelines for public train WiFi to accompany this program.

“While this will hugely benefit a number of commuters, who can work remotely during their journey to and from work, this also comes with significant security risks if the right precautions are not implemented,” explains Raj Samani, CTO EMEA Intel Security.

A Freedom of Information Request (FOI) uncovered that the DfT “has not linked receiving funding for the on-train Wi-Fi with including a specific cyber security strategy.” While the department will be providing some suggested cyber security guidelines, it is not a mandatory requirement for train operators to follow these in order to be deemed eligible for funding to launch open WiFi on their trains.

“I severely hope that despite the lack of mandatory guidelines, each individual train operator puts strict security measures in place to protect commuters who access their WiFi,” continued Samani.

“Free WiFi hotspots are a breeding ground for hackers and our latest demo has uncovered that there is a potential new threat set to hit users of public WiFi. Intel Security ran a demo using a fake WiFi hotspot and proved that those that access the network can be targeted with ransomware. The ransomware then lies dormant on the user’s computer until they return to the office and log on to the business network. The ransomware then activates and locks down network assets, holding them to ransom.

“Alongside the train operators, I urge commuters to take precautions when accessing public WiFi. Creating a virtual private network (VPN) is one of the best ways to keep your browsing session private.”