When you’re out and about, one of the easiest ways to get online is using a public Wi-Fi network. These networks are convenient, but they can also be dangerous, as they leave your device vulnerable to attacks. In this blog post, we will discuss the top security risks to protect from when using a public Wi-Fi network, from malware distribution and unencrypted networks to malicious hotspots and sidejacking attacks. We’ll also provide tips on how to use some of cybersecurity best practices for remote work while surfing the web in public.
Man-in-the-Middle (MitM) is one of the most common types of attacks on public Wi-Fi networks. Essentially, a MitM attack is a form of eavesdropping. When your computer connects to the Internet, data is sent from your computer to the service or website you’re using, allowing an attacker to intercept and view this data. MitM attacks can be used to steal sensitive information, such as your login credentials or credit card numbers.
Encryption means that cleartext data is converted into a type of secret code before being sent over the Internet, making it more difficult for attackers to decipher the data and steal sensitive information. However, most public Wi-Fi networks don’t use encryption, leaving your data vulnerable to interception. The reason for this is that most routers are shipped from the factory with encryption turned off by default, and it must be turned on when the network is set up.
Software vulnerabilities allow attackers to slip malware onto your computer without your knowledge. A malware attack on your device will become immediately apparent, however, when your computer starts to run slowly or crash frequently. On public Wi-Fi networks, malware distribution has become one of the main cyber risks since the vast transition to digital operations by organizations. Attackers can use various methods to distribute malware, such as phishing emails or drive-by downloads.
Snooping and sniffing
Snooping or sniffing technically gets done when an attacker is trying to look at the data that you are sending over a network. To that end, the attacker must first install malicious software onto your computer through the Wi-Fi network or by using a program called a packet sniffer. If an attacker is successful in snooping on your data, they can easily steal sensitive information like passwords and credit card numbers. Sniffing is a serious threat to public Wi-Fi networks since the data being transmitted is not encrypted.
Malicious hotspots are Wi-Fi networks set up by attackers to steal your data. They often mimic the SSID (name) of legitimate networks, so it can be difficult to tell them apart. If you connect to one of these hotspots, the attacker can easily intercept and read any data you send or receive, including passwords, emails, and credit card numbers. Examples range from a Russian man who set up a fake Wi-Fi network at a coffee shop to steal people’s login credentials, to the infamous “free Wi-Fi” van that drove around New York City stealing people’s banking information.
Sidejacking, also known as session hijacking, is another type of attack that takes advantage of public Wi-Fi networks. Attackers can use special software to intercept the unencrypted traffic sent between your device and the Wi-Fi network. This allows them to access any information that was not encrypted, such as cookies, which can be used to log in to websites or social media accounts of yours. Session hijacking is a serious threat since it can be used to gain access to sensitive information, such as your email or social media account.
Shoulder surfing is a type of attack where the attacker simply looks over your shoulder to see what you’re doing. This is a risk even if you’re using a private, encrypted Wi-Fi network, as the attacker can still see what you’re doing on your screen. Shoulder surfing is especially common on public Wi-Fi networks, as it’s easy for attackers to blend in and pretend they’re just another user.
How to protect your device
1. Use a VPN
A virtual private network (VPN) connection encrypts all the traffic between your device and the VPN server, making it impossible for attackers to intercept or read your data. While VPNs are not foolproof, they are known to be one of the most effective ways to protect your data on public Wi-Fi networks. If you’re a remote worker using public Wi-Fi to connect to your company’s network, make sure you’re always using a VPN.
2. Use SSL connections
Using SSL connections (HTTPS) is another way to protect your data on public Wi-Fi networks. When you connect to a website using SSL, all the traffic between your device and the website is encrypted. This means that even if an attacker intercepts the traffic, they will not be able to read it. Many websites now default to SSL connections, but you can check if a website is using SSL by looking for the “HTTPS” in the URL.
3. Turn off sharing
When you’re using public Wi-Fi, it’s important to make sure that you turn off file sharing on your device. If you don’t, anyone else on the network will be able to access the files on your device. To turn off file sharing on a Windows computer, go to Control Panel > Network and Sharing Center > Change advanced sharing settings. On a Mac, go to System Preferences > Sharing.
4. Keep Wi-Fi off when you don’t need it
Even if you’re not using Wi-Fi, your device may still be broadcasting its SSID, which can be used to track your location. If you don’t need Wi-Fi, it’s best to keep it turned off until you do. To turn off Wi-Fi on a Windows computer, go to Control Panel > Network and Sharing Center > Change adapter settings. On a Mac, go to System Preferences > Network. If you’re just using your computer to work on a local file, you don’t need to be connected to the internet at all.
Securing Your Wireless Network
Keeping your device up to date with the latest security patches and using an antivirus program can help protect your device from malware. Other ways to stay protected include only connecting to networks you trust, and not sharing too much personal information on social media, as this can be used to target you with attacks.
Whenever you have to use public Wi-Fi, make sure to take extra security measures to protect your device and your data, namely using a VPN, SSL connections, and turning off file sharing. You can also reduce your risk by keeping Wi-Fi turned off when you don’t need it and being careful about the amount of personal information you share online.
Wireless penetration testing is an assessment that identifies vulnerabilities within wireless access points, such as Wi-Fi networks and wireless devices using the same techniques as hackers to breach your infrastructure.
If you need help securing your wi-fi network, contact us.