Picture yourself in your favorite cafe, drinking a hot cup of coffee while taking advantage of the free Wi-Fi to update your feed, or keep up with the news. I bet that to some of us, this already sounds like a very familiar setting. However, did you know that your computer might be under attack while you innocently read your emails?
Once connected to public Wi-Fi, the personal information available on our phones and laptops is put under risk. Businesses that provide free Wi-Fi may think that they are giving a valuable service to their clients but there is a chance that network security is either weak or non-existent. Public Wi-Fi has made our lives easier, nonetheless, there are huge risks connected to its use.
Nowadays, you can get access to public Wi-Fi from almost anywhere: hotels, airports, coffee shops, hospitals, and even schools. There are two types of public Wi-Fi networks: unsecured and secured. For an unsecured network, you will be able to connect without a login or password as long as you are within range. On the other hand, a secured network will require you to make an account, type in a password or agree to user terms. For you to obtain the password, you may need to make a purchase (of an item or the password). No matter the type of connection you are using, you should always remain cautious when using public Wi-Fi.
An unsecured Wi-Fi connection can be used by a hacker to spread malware. If the software in your device is vulnerable, attackers can inject a code that targets and exploits that vulnerability. A malware infection takes place when malicious software finds its way into your computer. Malware is designed to steal private information, spy on users without their consent or damage a victim's computer. You can get malware without your knowledge by downloading MP3, software or even video files from dubious sites. Similarly, by clicking on the links sent by suspicious emails, you may find yourself giving malware access to your PC.
Eavesdropping and man-in-the-middle attacks are similar. Three important things need to be present for a man-in-the-middle attack (MitM) to take place. These are the victim, an entity that the victim is communicating with and a ‘man in the middle’ who is meant to intercept the communication. It is also important that the man in the middle remains undetected for this to be successful. When your computer is connected to the internet, it sends data from one point to another. If attackers detect vulnerabilities between this transmission, they can intercept the network and read the data being sent across. Now the connection that you always thought to be private stops being so.
An encrypted network means that the data transferred between a PC and a router is hidden in the form of a code, which means that nobody without the key to the code can access the information. When you purchase a router, the encryption is usually turned off by default for most of them. This means that when you start setting up your network, you need to turn it on. If your network was set up by a professional, the chances of encryption being enabled are quite high. Nonetheless, there is no sure way of knowing whether your network has been encrypted.
Sniffing is a process through which attackers monitor and capture the data packets that are passing through a network. System/network administrators use sniffers to troubleshoot and monitor network traffic. Sniffers are used by attackers to steal sensitive information such as account details and passwords. On the other hand, snooping is a method of eavesdropping where intruders use your computer to listen to traffic. In other situations, software programs are used to remotely monitor the activity and keystrokes of a user.
Often, attackers set up free Wi-Fi points to trick users into unsuspiciously connecting to them. In most scenarios, attackers used the name ‘free Wi-Fi’, or alter the name of a reputable business nearby to lure people into connecting to the network. By using an altered reputable name, attackers are more likely to entice people to connect to the network. This can easily be done by slightly changing the name of a company to fit the desired hotspot name in order to induce confusion. For example, by changing ‘Sarova Hotel’ to ‘Sarrova Hotel’.
Public Wi-Fi networks are less secure than private ones. This is because you do not know who is connected to it or who set it up. Ideally, it is not recommended to use public Wi-Fi. However, in situations where that is not possible, you can still protect yourself using a couple of simple steps.
One of the most effective methods you can use to stay safe on public Wi-Fi is by using a virtual private network (VPN) client. A VPN encrypts the data traffic that's being sent to and from your phone or computer by connecting you to a secure server. This makes it really difficult for whoever is operating the network or using the network to sniff your details. There are a lot of paid and free VPNs on the market. If you are the type that connects to a lot of different networks, owns a business or travel frequently, it is advisable to invest in a good VPN. You can download a VPN by heading to the Chrome Web Store, Google Play Store, or you can buy one from an independent provider. Some of the best VPN services in the market are Hotspot Shield, CyberGhost, IPVanish, and ExpressVPN. It is advisable to purchase a paid version, like ExpressVPN, because free VPNs may use undesirable methods to monetize your data.
It is a good idea to turn off features that enable frictionless file sharing when using public Wi-Fi. You can do this by visiting the ‘Network and Sharing Center’ and clicking on ‘Change advanced sharing settings’. Disable sharing by clicking on ‘turn off file and printer sharing’. If you have a MacBook, you can do this by clicking ‘sharing’ under ‘system preferences’ and unchecking every option. Lastly, search for ‘AirDrop’ under ‘Finder’ and disable discoverability by selecting ‘Allow me to be discovered by: No one’. If you use iOS, go to the ‘Control Center’ and find AirDrop- turn it off. By following the previous steps, you will be safe from file grabbing and receiving files you do not want.
Remember to use ‘HTTPS’ as your search protocol when you type in a web address instead of ‘HTTP’. An ‘HTTPS’ protocol is safer and normally has a padlock icon on the browser’s address bar. If the website you are visiting requires login information or wants you to provide private credentials, this step is very important. Some browsers have the option of always using ‘HTTPS’; an option that can easily be turned on. If this option is not available, you will need to add an ‘s’ after ‘HTTP’ in the URL.
You can create a private, customizable hotspot with strong password protection using a free Wi-Fi hotspot maker. This software is used to create hotspots for free. You are free to set the Service Set Identifier (SSID) and password of your choice. You can make these changes by going to the ‘Settings’ menu of the software. To get a good Wi-Fi hotspot, go to a trusted download site like cnet.com or Softonic and look for your desired one. On the other hand, you can research how to do it using the command prompt. Some of the renowned Wi-Fi hotspot makers are mHotspot, Connectify, Ostoto, and MyPublicWifi.
It is advisable to use well-known networks, for example, McDonald’s, when you really need to use public Wi-Fi. Considering they are already making money from the products you buy, they are less likely to try and steal your private information. This does not mean that you will be secure from attackers- no public Wi-Fi network is entirely safe. Moreover, when signing up to access public Wi-Fi, do not fill in your personal credentials if they ask. Using an alternative email in such a scenario is highly advisable.
Apart from the above, more precautions to be taken for optimum safety when using public Wi-Fi. You will first need to ensure that your antivirus software is updated and working. To check for updates, open Windows Security and go to ‘virus and threat protection’. Locate ‘check for updates’ under ‘virus and threat protection updates’. After the update process is complete, restart your computer. You can use an EICAR Test File to make sure your antivirus is working.
Second, set a strong password for all your accounts and make sure to log out every time you stop using them. It is also not advised to leave your Wi-Fi or Bluetooth on when you are not using them. If you have a habit of repeating the same password for every account, you are more likely to be attacked.
It is easy to access Wi-Fi services nowadays from almost anywhere. Businesses are also providing free Wi-Fi to their clients as a service. When you are connected to public Wi-Fi, the private information on your phone and laptop are put at risk. Whether the type of connection is secured or unsecured, it is always a good measure to remain cautious when using public Wi-Fi. Some of the risks associated with public Wi-Fi include man-in-the-middle attacks, malware infections, sniffing, spoofing and malicious hotspots. The best way to keep your information private when using public Wi-Fi is by disabling file sharing, using a VPN, using an ‘HTTPS’ protocol and creating a personal free Wi-Fi hotspot.
gregory, p. h. (2005). cissp guide to security essentials (2nd ed.). cengage learning.