Full Report
In the lead-up to the 2026 FIFA World Cup, Kaspersky GReAT experts conducted a wardriving assessment in Mexico City, Monterrey, and Guadalajara to evaluate Wi-Fi hotspot security configurations and potential exposure risks.
Analysis Summary
# Research: How safe is Mexican public Wi-Fi infrastructure?
## Metadata
- **Authors:** Kaspersky Global Research and Analysis Team (GReAT)
- **Institution:** Kaspersky
- **Publication:** Securelist
- **Date:** May 2024 (Assessment conducted in lead-up to 2026 FIFA World Cup)
## Abstract
In anticipation of the 2026 FIFA World Cup, Kaspersky GReAT conducted a wardriving assessment across Mexico’s three primary host cities: Mexico City, Monterrey, and Guadalajara. By analyzing over 190,000 Wi-Fi hotspots, the researchers evaluated the encryption protocols and security configurations of public and semi-public networks. The study reveals a significant landscape of outdated encryption standards and unencrypted "Open" networks, posing substantial risks to the millions of tourists expected to visit the region.
## Research Objective
The primary objective was to assess the security posture of the wireless infrastructure in Mexican cities that will host the 2026 FIFA World Cup. The research sought to quantify the prevalence of insecure encryption (WPA, WEP, and Open networks) and identify potential exposure risks for users connecting to these hotspots.
## Methodology
### Approach
The researchers utilized a **wardriving** methodology—the act of searching for Wi-Fi wireless networks by a person in a moving vehicle. The team traversed major avenues, commercial zones, and tourist hubs, using passive sniffing techniques to capture beacon frames from nearby access points without interacting with the data traffic of users.
### Dataset/Environment
- **Location:** Mexico City, Monterrey, and Guadalajara (Mexico).
- **Sample Size:** 190,254 unique Wi-Fi access points (BSSIDs).
- **Context:** Areas surrounding stadiums, airports, and major hotels.
### Tools & Technologies
- **Hardware:** High-gain antennas and GPS modules for precise geolocation.
- **Software:** Specialized wardriving software (e.g., Kismet or Wigle-compatible tools) for mapping and logging network metadata including SSID, BSSID, signal strength, and encryption type.
## Key Findings
### Primary Results
1. **High Prevalence of Insecurity:** Approximately **47%** of the analyzed Wi-Fi networks lack modern security configurations.
2. **Open Networks:** Roughly **15%** of the hotspots are completely "Open," meaning they have no encryption or password protection at all.
3. **Legacy Protocols:** Over **30%** of networks utilize WPA or WEP, protocols that are considered broken and vulnerable to near-instantaneous cracking.
4. **WPA3 Scarcity:** Modern WPA3 encryption is present in less than **1%** of the sampled infrastructure.
### Statistical/Empirical Support
- **Total Networks Analyzed:** 190,254.
- **Secure (WPA2/WPA3):** ~53%.
- **Vulnerable (WPA/WEP/Open):** ~47%.
### Novel Contributions
- **Event-Specific Risk Modeling:** One of the first large-scale assessments specifically targeting the 2026 FIFA World Cup host cities.
- **Geospatial Security Mapping:** Correlating security vulnerabilities with specific geographical areas likely to see the highest density of international travelers.
## Technical Details
The research highlights the danger of **Man-in-the-Middle (MitM)** attacks facilitated by these configurations. In "Open" networks, traffic is sent in cleartext, allowing attackers to sniff sensitive data (credentials, session cookies) via simple tools. In networks using WEP/WPA, the research underscores how easily the "Handshake" can be captured and cracked offline using brute-force or dictionary attacks, eventually granting the attacker full access to the network's data stream.
## Practical Implications
### For Security Practitioners
- Infrastructure in these regions requires a massive overhaul before 2026.
- There is a high likelihood of "Evil Twin" hotspots being deployed by threat actors in areas identified as having many "Open" networks.
### For Defenders
- **VPN Requirement:** Users must be educated to use a Virtual Private Network (VPN) as a non-negotiable layer of protection when traveling.
- **Update Protocols:** Local businesses and municipalities should migrate to WPA2 (CCMP) at minimum, or ideally WPA3.
- **Disable Auto-Connect:** Users should disable "Auto-Join" for Wi-Fi networks to prevent devices from silently connecting to malicious hotspots.
### For Researchers
- This provides a baseline dataset for longitudinal studies on how infrastructure security evolves as major international events approach.
## Limitations
- **Passive Collection:** The assessment was passive and did not test for advanced "captive portal" vulnerabilities or the presence of DNS hijacking.
- **Snapshot in Time:** The data reflects the state of security in early 2024; configurations may change as the event approaches.
- **Signal Range:** Wardriving only captures networks visible from the street; it may underrepresent private internal office networks.
## Comparison to Prior Work
Compared to similar wardriving studies in major European capitals or the US, Mexico's infrastructure shows a higher reliance on "Open" and legacy WPA protocols, likely due to a slower hardware refresh cycle in public-facing hospitality sectors.
## Real-world Applications
- **Travel Advisory:** Data can be used to inform government and corporate travel advisories for employees visiting Mexico.
- **Urban Planning:** Provides a roadmap for Mexican municipal authorities to improve digital safety standards for public "Smart City" Wi-Fi initiatives.
## Future Work
- **Stadium-Specific Audits:** Targeted assessments of the internal Wi-Fi infrastructure *inside* the 2026 stadiums.
- **Post-Event Review:** Conducting a follow-up study after the FIFA event to see if security significantly improved due to temporary infrastructure upgrades.
## References
- Kaspersky GReAT Analysis: "How safe is Mexican public Wi-Fi infrastructure?"
- Related Research: [https://securelist.com/wardriving-assessment-in-mexico-fifa-world-cup-2026/119996/](https://securelist.com/wardriving-assessment-in-mexico-fifa-world-cup-2026/119996/)