When looking to connect to an open Wi-Fi network at an airport lounge, local coffee shop, hotel etc, it’s important to understand the security risks involved with joining an ‘Open’ or ‘Public’ network and what can be done to help mitigate the risks to help keep your information safe. The WPA2 encryption standard used on most modern Wi-Fi networks has been exposed with a fundamental flaw that if exploited can allow an attacker to eavesdrop on network activity by decrypting traffic and hijacking connections.
What does public Wi-Fi mean?
Public Wi-Fi is usually an open network in a public space, such as coffee shops, airports, restaurants, hotels, or even supermarkets. These networks allow users free access to the internet – often in exchange for providing an email address. Open networks are so incredibly common and widespread, they’re often used by people who don’t give it a second thought. Web browsing, logging in to check social media or reading emails seems harmless, but you could be putting your personal information and data at risk.
What are the risks?
There are numerous risks associated with public Wi-Fi networks. Providing this ‘service’ (free Wi-Fi) can seem like a great idea to business owners, they may feel that they’re adding value to their premises, but in more cases that not, these networks have security protocols that are mostly absent or very relaxed.
Unencrypted Wi-Fi Networks
Encrypted networks will scramble data transmitted between your device and the wireless access point and cannot be unscrambled, or ‘decrypted’, without the correct key. Unfortunately, encryption on routers is often disabled out of the box and must be enabled during the initial setup of the Wi-Fi network. A network setup by an IT professional most likely has its encryption enabled, nevertheless, it’s best to err on the side of caution, as there’s no way to know for sure if this has been enabled.
This form of eavesdropping attack is one of the more common threats that users are faced with when connecting to an open network. In a man-in-the-middle attack (MITM), an attacker will exploit vulnerabilities to place themselves between your computer and a website or service – this allows the attacker to snoop or change data before it reaches its intended target. The user’s website login credentials, private messages or bank/card details are all at risk of being intercepted by a man-in-the-middle attack.
Malicious hotspots are ‘rogue access points’, that trick users into believing that they are connecting to a legitimate Wi-Fi network. If you’re staying at a hotel, you may instinctively connect to any free Wi-Fi that looks like it’s provided by the hotel (e.g. Hotel Wi-Fi). An attacker would setup a malicious Wi-Fi network with a very similar SSID name (e.g. Hotel Free Wi-Fi), which can make it very difficult to differentiate which network is legitimate, and if you’ve connected to a rogue hotspot.
Software vulnerabilities can open security holes that attackers can exploit to inject malware onto your computer, phone or tablet. Software vulnerabilities are found in operating systems or local applications – hackers can deploy custom code to exploit these flaws and install malware on to devices behind the scenes without the user ever knowing.
Staying safe on public Wi-Fi
One of the most efficient ways to keep your information safe when connected to a public Wi-Fi network, is the use of a VPN (virtual private network). A VPN service is the best way to conceal your activity online. When you use a VPN, your data connection is encrypted to prevent hackers and third-party snoops from viewing your personal communications, information and data.
If you have to use an open Wi-Fi network, it’s highly recommended that you avoid doing anything that involves private or sensitive data. It’s good practice to prevent your device from auto-connecting to Wi-Fi networks, disable file sharing and to only visit secure sites that use ‘HTTPS’.
For more information about staying safe on public networks, and to find out what services we offer that can help keep your personal and business information safe, contact us today.