Public WiFi or hotspot access may seem like a blessing, but in reality, it can be quite dangerous unless you are prepared to shield yourself from the security threats associated with it.
WiFi providers are often legally obligated to provide some level of data security to the users connected to their network. But you need to be aware of the threat landscape so that you can better protect yourself. This guide will help you stay secure as you travel for work and everything else.
Top Five Public WiFi Security Risks
- Rogue wireless networks
A number of cases fall into this category, but for the sake of our explanation, we will include the most straightforward one of all.
Basically, what happens is that a hacker sets up a wireless network that appears similar to a legitimate public network. You may recognize these networks by unconventional names such as “Free WiFi” or “Free entry; no password,” etc.
Avoid them as much as possible.
- Rogue APs or Rogue Access Points
Rogue access points are similar in nature to rogue wireless networks. The only difference lies in the fact that instead of creating an entirely new network from scratch, rogue APs are installed on a preexisting network.
These APs are quite common and may often come in the form of off-the-shelf wireless routers.
In most cases, they are installed by legitimate employees. Unfortunately, many routers aren’t configured correctly, making them easy to break into even though the network might be otherwise secure.
- Unauthorized interception of data
Today’s it’s widely known that data sent over a public WiFi network can be easily intercepted by eavesdroppers within a few hundred feet, and even farther via directional antennas.
Fortunately, for now, almost all public WiFi products come with the AES-CCMP mode of data encryption which contributes a lot in keeping this issue at bay. But then, there are still traditional products speaking TKIP with many WLANs configured to accept both TKIP and AES at the same time.
TKIP is hugely vulnerable to MIC (message integrity check) making it an easy target for hackers and eavesdroppers. Network administrators need to retire TKIP for good, and acquire AES-CCMP to up the level of security in restaurants, airports, and railway stations.
- Packet sniffers or analyzers
These are small computer programs capable of monitoring traffic on a given network. They can also be used to intercept data packages providing information about their content.
- Man in the middle
This one’s possibly the most common threat of all.
As the name implies, someone in the middle (AKA a hacker) intercepts data packages traveling between individuals A and B.
One of the most common tactics used in this kind of attacks is eavesdropping where the hacker intercepts messages between two persons talking directly to one another. Connections coming without any mutual authentication protocol are extremely vulnerable to this type of attack.
**For more information on the inherent connection between hackers and public WiFi, refer to the infographic provided below.
Source- Inspire WiFi
Ways To Stay Safe On Public WiFi
- The first thing that you should do is check on that network name
Not every public WiFi is legitimate enough for use. For example, that “free railway WiFi” lurking in the background may not be safe, and can easily be worse than the ones provided by the stores, coffee shops, or retailers inside the station.
Opt for them instead.
And don’t forget to check on the network name with the authorized service provider. “KFC” and “KfC” may not be equivalent to one another.
- Make a habit of practicing good internet hygiene
Avoid working with sensitive data while you are on a public WiFi network.
The network can be good for checking on the news, watching a bit of your favorite YouTube videos, reading a blog, but it is probably not the best of all times to do online banking. Hope you get the point.
- Change your passwords before traveling
If you think you will have to log into your accounts with sensitive information such as banking, email, or social media from public wireless networks, switch to newer, complex passwords before you leave.
You can change them back as soon as you get home.
- Switch your WiFi off when you aren’t using it
One of the fundamental rules of security is that if you do not need something connected to a network, do not connect it.
When you have completed your work online, turn the WiFi option off on your laptop, smartphone, or tablet. It is definitely a nice habit to get used to especially when you are using unreliable public networks.
And then, it will also save you your battery.
- Go for HTTPS instead of HTTP
If you must surf online on a public network, try to ensure that the URL of the website you are visiting starts with a “HTTPS.”
“S” stands for secure where data in encrypted to give your maximum security online.
- Keep your antimalware and antivirus up to date
If you are on an untrusted, public network, make sure your device is running some kind of an antivirus/antimalware utility program. Also, make sure you update the program to its latest version before you leave.
As far as an antimalware program is concerned, I would recommend you to go for Malwarebytes. For the antivirus, you have plenty of options in the market. My suggestion would be to go for Sophos for macOS and Avira for Windows.
- Use a virtual private network
VPN or virtual private network was primarily developed as a part of the internet data security. It was built with the fundamental purpose of sending encrypted data over a network.
When you are connected to a public WiFi network, it’s strongly advisable to use a VPN for any kind activity on the internet. Using one ensures that all your data stays encrypted between you and your service provider, locking out anyone snooping on the same network.
**For more information on public WiFi security and precautions, refer to the infographic below.