SERVICES + SOLUTIONS

Secure Cloud Infrastructure
Offensive Cyber Security
Information Security
DR & Risk Management
Blogs

Ever Connected With Shared or Public WiFi? You Need to Know This

October 9, 2023
Ever Connected With Shared or Public WiFi? You Need to Know This

In the digital age, staying connected is crucial for work. While home networks offer security and ease, the reality is that we often need to get things done and stay in touch on the go. Public Wi-Fi has become our lifeline, accessible in coffee shops, hotels, airports, and more. However, as convenient as it is, using it can be risky.

In this blog post, we will delve into the world of public Wi-Fi networks. We will explore the inherent security risks, the potential consequences of careless usage, and most importantly, the practical steps you can take to safeguard your data and privacy. 

Secure versus unsecured Wi-Fi

There is a critical distinction between secure and unsecured Wi-Fi. This lies in the level of protection they offer. When connected to your home Wi-Fi or a professionally designed secure network, your data is safeguarded against potential threats. However, with public Wi-Fi, it's a different story. These networks are often unsecured, meaning anyone can join without a password, making them risky. 

To ensure a secure connection, look for the padlock symbol near the URL and verify the security certificate. When it comes to Wi-Fi, always err on the side of caution - assuming all hotspots are unsafe is a prudent cybersecurity approach.

Risks of connecting to public Wi-Fi 

Using public Wi-Fi can put your personal and business information at risk in several ways. Cybercriminals leverage their technical expertise and readily available tools to infiltrate insecure networks, stealing information like passwords, financial data, and personal records. This creates vulnerabilities for identity theft and phishing schemes. 

Whether you are a private user or a business owner, it is important to keep yourself and your team up to date with these risks to ensure that everyone follows best practices regarding cyber security and good cyber hygiene. 

  • Identity theft and profiling: Hackers can compile user profiles for launching targeted cyberattacks, phishing campaigns, or seeking Dark Web password repositories, ultimately compromising both personal and business data.

  • Malware infiltration: Malicious software may be discreetly inserted into unprotected devices through public hotspots, potentially recording user actions, undermining security, and causing disruptions.

  • Unauthorised password access: Skilled hackers utilise specialised tools to hunt for passwords or intercept login credentials, jeopardising access to various accounts.

  • Surveillance for sensitive data: Cybercriminals focus on public Wi-Fi networks to surveil sensitive documents such as contracts and financial records, exposing business users to risks regarding financial stability and employment security.

  • Business email compromise (BEC): Perpetrators exploit corporate email accounts, impersonating trusted contacts to manipulate businesses into altering payment details or transferring funds to fictitious clients, necessitating cybersecurity education and proactive measures.

  • Ransomware threats: Attacks on open Wi-Fi networks seek access points to data storage systems, potentially leading to blackmail and threats to release sensitive information that has been captured. 

  • Session manipulation: Through session manipulation, malicious actors gain unauthorised access to legitimate user sessions, which may compromise stored data or enable bypassing of website security measures.

  • Account takeovers: Hackers endeavour to gain unauthorised control over business accounts, including email, financial, and social media accounts by circumventing authentication safeguards. This is especially exploited on unsecured networks.

  • Phishing incidents: Wi-Fi hacking enables attackers to intercept network traffic, infusing phishing attacks via emails, text messages, or voicemails. Bad actors capitalise on human error to get victims to divulge sensitive information.

  • Rogue network intrusion: Rogue access points secretly penetrate wired infrastructures, masquerading as authentic Wi-Fi connections. These deceive users into connecting to them, which opens a door to cyber attacks.

  • Unencrypted communications: The absence of encryption in public Wi-Fi exposes users to the scrutiny of file sharing and network traffic, enabling the injection of malicious JavaScript and monitoring of network participants.

  • Network eavesdropping: Malicious software may be employed by hackers to remotely surveil the activities of third-party laptops connected to public Wi-Fi, exposing sensitive details like credit card information and login credentials.

  • Deceptive system updates: Hackers often target mobile devices with deceptive system update alerts while on public Wi-Fi, incorporating data-exfiltration capabilities that pose risks to user data security.

Common public Wi-Fi attacks 

Hackers manipulate public Wi-Fi sources in several ways. These are some of the most commonly deployed attacks: 

  • Evil twin attack: Hackers create fake hotspots with names that appear trustworthy, intercepting your data when you connect.

  • Man-in-the-middle attack (MITM): Cybercriminals eavesdrop on data as it travels between devices and the Wi-Fi router, potentially stealing sensitive information.

  • Password cracking attack: Scammers use software to automatically attempt numerous username and password combinations to gain access to router interfaces.

  • Packet sniffing: Malicious hackers capture data units sent over unsecured Wi-Fi, extracting login credentials or financial information.

  • Security vulnerabilities: Poorly secured public Wi-Fi networks may allow cybercriminals to log in as administrators or plant malware on compromised devices.

  • System upgrade alerts: Hackers can deploy fake system upgrade alerts that may lead to viruses when clicked on while using public Wi-Fi.

  • File sharing: Hackers may use open file-sharing networks and AirDrops to infect computers with malware or viruses that can create system vulnerabilities.

How to up the security on your device

Cybersecurity is constantly developing to provide armour against hackers preying on unknowing victims. Make sure that you stay current with these technologies when connecting to public Wi-Fi networks. If you are a business owner, educating your employees on these practices is paramount:

  1. Install antivirus virus software and keep your updates current

Ensure you have reliable antivirus software installed and regularly update it on all your devices, including smartphones and tablets. Anti-malware software can detect and prevent malware on public Wi-Fi networks. 

It is vital that you maintain your device’s security updates, as these include the latest security patches to safeguard against new and developing cyber attacks. 

  1. Use two-factor (2FA) or multi-factor authentication (MFA) on your accounts

Implementing strong authentication measures is necessary for account security. Utilise two-factor (2FA) or multi-factor authentication (MFA) across all your accounts, which combines a password with an additional layer of security like a security question or a PIN. Even if hackers obtain your username and password, they won't be able to access your accounts without this authentication code. 

  1. Use a VPN (Virtual Private Network)

Using a VPN is a crucial step in safeguarding your online privacy when connecting to public Wi-Fi networks. VPNs route your web activities through encrypted servers, ensuring anonymous web surfing and protection against data interception. They serve as a secure tunnel for your data, making it challenging for network operators or malicious actors to monitor your online actions. 

Paid VPN services are recommended over free options, as they offer more excellent reliability and security, typically costing only a nominal monthly fee. VPNs are especially valuable for frequent travellers and those regularly accessing public Wi-Fi networks, providing strong encryption to shield personal data from potential threats on unsecured networks.

  1. Switch off auto-connect

Automatic connectivity settings on devices like smartphones, laptops, and tablets can be convenient but potentially risky, as they may connect to unsafe networks. Disabling this feature in your device settings is wise, especially when travelling to unfamiliar areas. Be sure to disable auto-connect for file sharing, AirDrop, and printer sharing too.

After using public Wi-Fi, consider selecting the "forget network" option for added security. Additionally, be cautious about Bluetooth connectivity, which hackers can exploit in public places; check that it is turned off on your devices in unfamiliar locations. 

  1. Erect firewalls

When using public Wi-Fi, be sure to have an active firewall in place as a protective barrier against malware threats. Firewalls filter network traffic, allowing safe traffic to pass through and alerting you with warnings about suspicious websites and files. 

Sometimes, users may inadvertently disable the firewall due to pop-ups and notifications. To reactivate it on a PC, navigate to the Control Panel, then "System and Security," and select "Windows Firewall." Mac users can enable this feature in "System Preferences," then "Security & Privacy," under the "Firewall" tab. 

  1. Use a password manager

Storing your credentials securely in a password manager is a good cyber hygiene practice. This tool automatically populates your login information on websites, keeping it hidden from potential eavesdropping hackers.

Be sure to build a strong passkey to keep your password manager safe. 

Staying safe on public Wi-Fi 

Sometimes, public Wi-Fi is all that is available to us. While it can be unsafe, knowing about the dangers of hacker activities and having protective measures in place can help you navigate public Wi-Fi safely and reduce your chances of being attacked. When you use public Wi-Fi, follow these steps to stay as safe as possible:

Before connecting

  1. Activate your VPN for added security.
  2. Clear your browsing history and cache.
  3. Ensure your antivirus is active and up-to-date.
  4. Turn off Bluetooth discoverability.
  5. Enable two-factor or multi-factor authentication for important accounts.
  6. Disable auto-connect to prevent forced connections.
  7. Confirm you're joining the correct network; beware of impostor networks set up by hackers.

While using public Wi-Fi

  1. Connect only to networks associated with physical locations.
  2. Log out of unnecessary accounts.
  3. Close unused applications.
  4. Use a password manager for secure logins.
  5. Avoid entering sensitive information like passwords, credit card details, or SSNs.
  6. Limit your saved Wi-Fi networks to trusted ones.
  7. Keep your devices with you; don't leave them unattended.
  8. Be mindful of your surroundings and avoid distractions.
  9. Avoid online banking and sensitive transactions; opt for secure connections.
  10. Don't click on pop-ups, download files, or perform system upgrades on public Wi-Fi.

After disconnecting from public Wi-Fi

  1. Set your device to “forget previously used networks” to prevent automatic reconnection.
  2. Always log out of websites, not just close your browser.
  3. Turn off Wi-Fi if you're not using it.
  4. Scan your devices for malware.
  5. Restart your device to break potential connections.
  6. Remove unnecessary networks from your preferred list.

Alternative internet sources

When it comes to finding a safer way to stay connected online without relying on public Wi-Fi, there are some smart alternatives to consider. 

First off, many cell phone companies now offer their customers access to exclusive Wi-Fi hotspots, which tend to be more secure. 

Another option is to go for an unlimited data plan on your smartphone and offer the same plan to your employees. You can use your smartphone as a personal hotspot to connect your laptop securely. This is gaining popularity, especially with the faster speeds of 5G smartphones. Just make sure to set a strong password for your hotspot to keep it safe. 

If you need to do anything that involves sensitive information it is often safer to use your mobile data instead of public Wi-Fi. 

Conclusion 

In today's digital age, the allure of public Wi-Fi is undeniable, offering convenience and connectivity on the go. However, the risks associated with public Wi-Fi are equally significant. From data interception and identity theft to malware infiltration and phishing attacks, the threats are ever-present.

The key takeaway is that safeguarding your online security does not mean sacrificing convenience. By adopting a proactive cybersecurity stance and investing in robust protective measures, such as VPNs and secure hotspots, you can navigate the digital landscape with confidence. Whether you are a business professional or an everyday user, always exercise caution when connecting to public Wi-Fi networks. Stay informed, stay secure, and stay cyber-savvy.

At ITRS, our team is dedicated to helping your business secure strong cybersecurity measures and practices to minimise the risks hackers pose to your most sensitive information. Contact us to understand how we can serve you in building a solid security posture.

Back to blogs
Three planes flying in formation

ITRS = Business - Risk ²

These powerful solutions can be tailored to meet the unique requirements of your business.
If you would like to learn more about how your company can benefit from a more agile approach, greater ease of use and flexibility, secure cloud infrastructure services from ITRS are the answer.

Get started today
Privacy PolicyCookie PolicyTerms & Conditions
Website designed by Pathfind Media
Search Website