We’ve been told for some time that there are dangers associated to connecting to free public Wi-Fi. What are those dangers? Could they put your data at risk? We’ll look at a few of the most common threats associated with public Wi-Fi, and how to stay protected.
MITM Attack
One of the biggest dangers with connecting to public Wi-Fi is a man in the middle attack. There are a few different variations, but a common one is spoofing a legitimate free public Wi-Fi.
The attacker sets up their own free Wi-Fi network and names it the same as the legitimate network. Users unknowingly connect to it and start browsing the web. The attacker then intercepts all the data exchanged and can see what you’re doing online. That includes any logins and passwords you may use, or credit card data you may enter.
If you are traveling on business and happen to use your work credentials to log in and get some things done, they have now captured those as well. The attacker can then use those credentials later at their leisure to access your corporate resources for whatever malicious purposes they had in mind.
Phishing
Some attackers use a fake login page to their free Wi-Fi to gather usernames and passwords. It simply asks you to login via your google or other account and then captures your email and password when you do. Invisible to the user, but effective for the attackers.
Malware Distribution
Hackers can also use public Wi-Fi connections to distribute malware. If you allow file-sharing across a network, the hacker can easily plant infected software on your computer.
How to Stay Protected
There are a few things you can do to protect yourself when using public Wi-Fi.
- Don’t use public Wi-Fi. Connect to secure networks you trust whenever possible. Hot spot your phone where possible and use that as an alternative connection. Wait till you get back to an area where you can ensure the security of the network.
- Use a VPN. When connecting back to work or anywhere that sensitive data will be transmitted, turn on your VPN. This will encrypt your data. Most hackers are after an easy target, and if they see encryption will move on to the next target.
- Turn Off Sharing. If you have an iPhone turn off airdrop immediately. If you’re using Windows, check your settings to ensure that file sharing is disabled.
- Look for Secure Websites. Check out your browser bar if you’re online. Make sure that you stick to websites with an HTTPS at the front and that little lock symbol.
- Install a Quality Antivirus. If you don’t already have a quality AV or EDR solution installed on your laptop, get one. It will add a layer of protection to your endpoint and help keep you safe.
- Use Multifactor Authentication. This is generally a good idea for everything at all times, but specifically can help deter bad actors if they catch you on a public Wi-Fi. MFA everything. Even if they manage to get your password they still wouldn’t be able to connect to that resource.
Stay Safe Out There
The best advice we can give is to avoid public Wi-Fi all together. If you know you’ll need to be online while on the road talk to your IT about VPN, MFA, and other solutions that can help keep you safe. If you don’t have a smart IT guy you can talk to, give us a call. We’re friendly and ready to help with expert advice about how to better secure your network and stay safe online.
Photo by Paul Hanaoka on Unsplash
