We are in a fast-paced society where most things are available to most of us instantaneously. We’re so used to having everything accessible to us on-demand and in real-time because of smartphones and the internet, our standards of what is fast and what’s convenient are leveling up to very high standards.
Public WiFi is now one of those standards. People’s hunger and demand for connectivity have made public WiFi a commodity, everywhere from libraries to coffee shops. We now have 5.19 billion mobile users, and 80% of those mobile users access the internet through their mobile devices.
We’re always on our smartphones and tablets, and plenty of us bring our laptops with us, even on vacation. Just have a look at this data chart:
With all these devices in our hands, on our persons and always contributing to our social lifestyle, connecting to public WiFi hotspots seem like second nature to us. We do it often in hotel lobbies, airports, and other transportation terminals, cafés and restaurants, malls, and any other public areas that offer WiFi.
But these public WiFi hotspots are also hot for cybercrime to happen, like malware attacks, data breaches, or even personal information identity theft. Public WiFi systems are like open invitations for hackers and attackers due to the unsecured nature of the network and the abundant choice of victims.
This article is to inform you what to look out for and make sure you follow these WiFi safety tips!
Man-in-the-middle (MITM) attacks and rogue hotspots are ways that these cyberattacks transpire in these public WiFi spaces. According to Norton, MITM attacks are when cybercriminals exploit a security flaw in the network to intercept data.
The hackers sniff out information out of browsing activities, account log-ins, and eCommerce transactions. Delicate information, such as passwords and financial data become exposed to identity theft. Hackers could intercept communications among two parties who believe they’re communicating directly with each other, unaware of a snooper in the middle.
A rogue access point are dummy WiFi hotspots that take on a similar name of a legitimate hotspot set-up by cybercriminals to trick and lure people into connecting to their network. For instance, you can be connected to a café’s internet WiFi, or so you thought, but actually to a "rogue network" of a cyberattacker in the same coffee shop that uses fake networks to gather information, like your bank account login data.
Coffee shops can be a very vulnerable unsecured network because of the high risk of cyberattacks when you are traveling. Once a victim links to the rogue WiFi hotspot, the host hacker can then intercept data and even use different tools to inject malware into whatever device connected to them.
If you are unfamiliar with any new networks that you want to connect to... always proceed with caution. If you think airports or hotel lobbies are safer, think again. Wherever there is a public WiFi system set-up, it's like a moth to a flame, cyberattacks are most likely to happen in these spaces. Through a WiFi sniffing device (Packet Analyzer), a hacker can easily see what’s happening on a network, even in seemingly safe places like airports and hotels.
Kaspersky who are experts in cybersecurity talks about the main dangers that lurk in public WiFi networks in this video below:
Better safe than sorry, as most security experts discourage the use of public WiFi. In case of emergencies and you need to access the internet through one, always be on the lookout for your private security when you are using a public WiFi network. You can also subscribe to use a VPN service to be that much safer online.
We gathered some do’s and don’ts when using public WiFi to stay on the safe side of the worldwide web:
Accept that WiFi sniffers and other cyberattacks are commonplace, even if there may be no news about these attacks in your local area. It’s better to be in a proactive stance like this than be caught unaware and unprotected.
Being careless with your cyber and data security can be costly and damaging once an attack or breach is already in place. It is projected that global cybersecurity spending will exceed $1 trillion dollars cumulatively from 2017 to 2021.
Cybersecurity is serious, and you should take it seriously too.
Some hackers, would sometimes just walk swiftly around a public area and snoop around, looking for users who might be typing usernames and passwords or even credit card information. Some of you might think it seems absurd that people will encode sensitive data on their devices without guarding against prying eyes, but some actually do. Be aware of anyone who is nearby and shield your screen when keying in passwords.
Never visit e-commerce sites and do online shopping on a public network, and never log in to your bank or credit card website or app on an open public network. It is better to as a precaution to turn off public WiFi on your mobile settings and use your data on your smartphone to stay out of harm's way.
Even if you think you are just checking your Facebook or uploading a picture, hackers can still harvest sensitive, usable data on your device or on things you transmit, so use public WiFi only when necessary. If it’s to check some vital information, do so quickly, instead of unnecessarily browsing online just to kill time.
If you are in a hotel, restaurant or café, and even in an airport, it wouldn’t be too much to ask somebody in authority, staff or maybe an information desk at the airport, regarding the official WiFi connection or connections being used. WiFi connections that need passwords from the host are a good indication of a secure network. In hotels, it is always smart to ask the hotel how they are protecting your information.
A secure webpage, or an HTTPS, is a secure page that uses encryption and starts with https:// before the www. The “s” stands for “secure,” which makes a ton of difference when you’re typing in things like your email address and password.
Unsecured websites that require your personal information are scary. Browsers like Google will put up an alert when you are leaving a secured site, so do not ignore such warnings to keep yourself, your device, and your data secure.
Whenever you are logging in through a public WiFi network, use a different browser that you do not usually use, to protect your browsing history and passwords. If you use Chrome for your day-to-day operations, use Microsoft Explorer or Mozilla Firefox while on public WiFi.
Never save passwords or click “Remember Me.” Another strategy is to use an incognito browsing window on sites that don’t require passwords, although experts are saying that even incognito browsing does not immune you from attacks either.
The Brave Browser has been gaining a lot of popularity as it helps to block ads, trackers and helps with privacy issues, however, if you are connected to a hacked WiFi hotspot, even this can't keep your data safe.
Check with your internet provider if they have options for you to set-up personal WiFi hotspot for all devices used by your family (phones, tablets, and laptops). You can create a portable router with a SIM data card available at electronic stores or airport kiosks.
Just as you should not be accessing sensitive and private information on public WiFi networks, do not use this on public PCs as well. If you are using a public computer in a library, internet café, hotel lobby, or airport, don’t go to sites that require logging in with a password or keying in your credit card number. Also staying away from file sharing sites would be good, as can grab years' worth of documents.
Just stick to web surfing.
Internet hackers may have malware already set up on these public computers or other software designed to harvest your data.
Your smartphones need to be password-protected as well as all essential apps on your phone. Apps that you use for banking or eCommerce activities and all financial and healthcare benefit apps are better left alone. Never select “remember me” or “keep me logged in,” even if it is your phone.
Your phone may be stolen, and if you click this feature, what stops the thief from robbing your data and robbing whatever they can steal from you as they gain access to your accounts. It takes just a few additional seconds to input your passwords every time manually, but that protection would save you from worrying if those kinds of apps had not shut down properly.
You can immediately change passwords on another device or lock your phone in case of theft. Use a two-step authentication process on sensitive apps, with additional email code verification or a link sent to you via SMS. These processes are in place to make your accounts even more secure.
Also, use unique passwords, using alphanumeric and special characters to make your passwords strong. Make it a habit to alter your passwords often, or use a password manager to help you secure your apps and devices.
Don’t ignore properly logging out of all your accounts and apps after each use. Yes, it may be cumbersome, but it’s a minor discomfort that gives you an extra level of protection. It’s better to do this repeatedly than put yourself at risk of a data breach from a cyberattack.
Tài Doick of the Fort Gordon Public Affairs Office of the U.S. Cyber Center of Excellence says that “twenty-five percent of all public WiFi are not protected. That means that any data you send over these networks can be seen by everyone.
You should never connect to one of these networks if you can avoid doing so.
Anyone who illegally enters the network can decrypt any information transmitted over it, including sensitive credentials and banking information. For this reason, it’s better to use a Virtual Private Network, or VPN whenever you are using public WiFi.
A VPN allows you to have a secure connection through 28-bit encryption. You can access region-restricted websites through a VPN as well. They do count as an extra expense on your end, but this additional expense gives you peace of mind and better cybersecurity.
Companies need to know the importance of security in your business and make VPN's standard in their company’s policy. If you have distributed teams with offsite or remote workers, require the use of VPN whenever they log in and access the company’s network to prevent a data breach through their devices.
Even if you are just using a VPN for personal protection, it is still a worthwhile investment as it gives an extra layer of security for you.
When it comes to cybersecurity, take a strong defensive stand, and even an offensive against cyberattacks. Sadly, a high number of people experience cyberattacks due to carelessness, or simply because they are unaware of the risks.
With a trillion-dollar cyberattack risk that the world suffers yearly, all of us need to make cybersecurity a top priority, daily especially when we use open networks such as public WiFi.