Free and Public Wi-Fi is the Greatest Thing Ever … just ask any hacker!

The dangers of public Wi-Fi

 

 

Should you ever use public Wi-Fi?

 

 

At Imagine IT, we tell our partners this; Don’t ever use public Wi-Fi unless it is necessary. There are just too many advantages to cyber criminals and hackers with public Wi-Fi.

But if you have no choice, then this article will help you be more secure when traveling or working remotely.

Free and Public Wi-Fi, whether in a coffee shop, airport, retail shop, or even your public library, makes it simple and convenient to access the internet. You can use it for both business and personal use, like sending emails, checking your bank account, or even jumping on social media to create your next fun post.

But the big question is, should you … especially for business?

Though super convenient and attractive for all of us, public Wi-Fi creates cyber security and privacy risks that you must know.

Free WI-FI hotspots don’t need authentication, making it easier for hackers This makes it easy for hackers to gain access to unprotected devices on the network.

So, what are the greatest security risks when you connect to a free public Wi-Fi network?

Let’s start by thinking like a hacker!

 

Understanding how hackers use Wi-Fi

The best way to stop a cyber-hacker is to think like one. What do hackers and cyber criminals do to steal and take advantage of unsuspecting users?

Here is a quick list of things they do:

 

  1. Man-in-the-Middle Attacks

When you access the internet through Wi-Fi, you establish a link with a server or router that connects you to the internet. A Man-in-the-middle attack happens when a cyber-hacker puts themselves between you and the connection point. Essentially creating a fake hot spot.

So instead of connecting directly with your intended connection point, you’re sending your information directly to the hacker, who then shares it with others.

Cybercriminals often use unique software to manipulate and see the traffic coming in and out of your mobile device. Allowing them to steal login credentials, bank information and see what you ordered and where it is being delivered.

These cybercriminals can also steal your credit card information and commit financial fraud. They can even make purchases, withdraw money, and even apply for loans in your name.

They can also sell all your personal information on the Dark Web.

 

  1. Snooping, Spying, and Sniffing

Hackers can eavesdrop on unsecured free and public Wi-Fi hotspots and networks.

Using specific software, a hacker can snoop on the network, allowing them to see what you’re doing on your device while you are using that specific public Wi-Fi connection.

Occasionally, the attacker will just read your browsing history. However, the attacker may steal your login details to steal personal information from your company, causing a full data breach.

 

  1. Malware

Cyber hackers can infect unsecured Wi-Fi connections with malware, which consequently infects the devices that are connected to it. Some will hack the connection point itself and send you fake pop-ups asking you to update certain software on your device. And when you click on the update, the malware is installed.

Once the malware infects your device, the hacker can steal sensitive information, delete files, and make your device unusable. The scariest part is, they will hide on your systems for weeks and months, collecting data from you and your organization.

You often won’t even notice your device has been infected with malware.

 

  1. Evil Twin Attacks

Also known as “the honeypot attack,” is a type of cyber-attack where a hacker sets up a malicious and fake Wi-Fi hotspot with the intent of stealing your personal information.

Many people make the mistake of selecting a WI-FI hot spot if they recognize the name. And any hacker can set up malicious hotspots that seem legitimate. These hotspots have one goal, to trick you into clicking on them.

Cybercriminals can set up a rogue Wi-Fi hotspot and record any unencrypted information going through it. To create the fake access point, attackers set up their own “free Wi-Fi hotspots” with the name of a nearby business, restaurant, coffee shop, or retail shop.

Once you connect a mobile device to a fake and malicious hotspot, the hacker will monitor and steal your information, including logins and banking information.

 

Protecting Yourself on Public Wi-Fi: Secured vs. unsecured

If you use public Wi-Fi managed by someone else, it’s always somewhat unsecured, unlike your home or business Wi-Fi. Because you have no idea who else has the password, and you don’t know who else might be on the network with you. For that reason, you should treat every public Wi-Fi network as potentially unsafe.

 

What is Unsecured Wi-Fi?
Unsecured Wi-Fi is what you find at a fast-food joint, hotel, or another public place. There is usually no password needed. And if you’re in range of the hotpot, anyone can jump on and surf the web. Unsecured WiFi networks have no security encryption key to prevent people from accessing them.  Anyone can automatically connect to these networks and begin browsing the internet. Another thing to keep in mind is that even if the network has a terms and conditions page or requires the user to divulge their email – it doesn’t mean the network is secure.

Unsecured Wi-Fi is about as public and risky as you can get.

 

What is Secured Wi-Fi?
Secured Wi-Fi typically requires a little more work to access than unsecured. For example, you will usually need a password to log in, and you may be required to check a box on the terms and conditions page before being connected. Some businesses require a purchase before you can access their secured Wi-Fi.

Secured WiFi networks are normally locked with an encryption key that includes WiFi Protected Access (WPA), WiFi Protected Access II (WPA2), or Wired Equivalent Privacy (WEP). Secure networks require a password (known as an encryption key) and can only be used once that password has been entered correctly.

After putting in the password, authentic and secure networks will present the user with a terms and conditions screen and/or ask them to sign up with their email address.

 

Here are some Wi-Fi Rules to live by:

  • Enable firewalls and antivirus software
  • Turn off automatic connectivity features, including Bluetooth, before you connect
  • Turn off all features on your phone, laptop, or tablet that allow your device to automatically connect with another device or public wireless networks
  • Never download or install anything while on public Wi-Fi
  • Don’t click on any pop-up windows asking you to install or download something to log on to free public Wi-Fi
  • Do not download anything from the web, and always avoid doing any system upgrades or updates
  • Look for the HTTPS padlock
  • Do not input any personal information on any sites you visit on public Wi-Fi
  • Limit the number of public Wi-Fi hotspots you use
  • Always “forget” the network after you use public Wi-Fi

 

How to beef up your cyber security

 

Keep your security updates current
Yes, they can take a while to download, but keeping your device’s security updates current will keep you safer on public Wi-Fi.

Use two-factor authentication on your accounts
Two-factor authentication requires you to use a password and something else—like a security question or a PIN—to get access to an account. Using this on all your accounts is an effective way to thwart any hackers who might get your password.

Use a VPN (Virtual Private Network)
A virtual private network lets you surf the web anonymously by routing all your web activities through a secure, encrypted server. VPNs are a good choice if you’re a frequent traveler on public transport.

 

FINAL WORD

At Imagine IT, we recommend that you don’t ever use public Wi-Fi for business use unless it is an emergency. There are just too many ways for hackers to get into your company’s network. So, if it isn’t necessary or an emergency, then wait until you have a secure connection.

If you have no choice, and it’s an emergency, then make sure you follow the rules we set above.

If you have more cyber security concerns and would like to learn more about an enterprise-grade, fully layered cyber security solution created specifically for small to mid-sized organizations. Check out this link:

The Security Shield