Did you know that many free public Wi-Fi networks are not secure? As the availability of public Wi-Fi increases, so does the dangers that come with using it. You might think that the airport, restaurant, public transit or even your university Wi-Fi that you access for free would come at no risks but that’s not true. Imagine this, you’re at a local fast food restaurant waiting for your order, so you decide to check and reply to your emails to pass the time. You might not think that this act, however short and swift it maybe could cause your data to become compromised by someone malicious using the same W-Fi.
In a study carried out by the University of Maryland, results showed that hackers attack every 39 seconds, on average 2,244 times a day.
That is why it is essential to know how you can protect your devices from hackers who will misuse your sensitive information.
The risks of using Public Wi-Fi
You may be asking yourself, so what are these risks I’m supposed to be avoiding.
One of the most common ways a hacker can get your information is through Man-in-the-Middle (MITM) Attacks. MITM is a type of internet eavesdropping where an attacker intercepts the connection between your device and the connection point. This attack gives an attacker access to information passed between you and the websites you visit.
Another standard attack is the rogue Wi-Fi connection. This attack is when a hacker creates a public Wi-Fi network with a legitimate Wi-Fi name such as ‘KFC Free Wi-Fi’ to lure people in to use it. Once a victim connects to this Wi-Fi, the attacker can gain all their sensitive information.
Attackers can also use unsecured Wi-Fi connection to distribute malware. Malware can get on your device if you allow file-sharing across a network and the hacker can easily put infected software on your computer. While exchanging pictures and other documents to your friends via WhatsApp, Bluetooth, airdrop or email, Attackers can intercept these exchanges and add malware to those pictures or documents that infect your device as soon as it is downloaded. This malware gives them unwanted remote access to all the information on your device.
How to stay protected on Public Wi-Fi
Since using public Wi-Fi is inevitable because we all want to stay connected, here are some measures you can take to minimize these risks:
Use a Virtual Private Network (VPN)
A VPN is a secure private network that is created from a public internet connection that encrypts or secure your data to keep it safe and gives you some anonymity while using the internet. Using a VPN will mask your IP address which will make you virtually untraceable while you browse the web. Even if a skillful hacker somehow gains access to your connection, they will only see encrypted data. The most commonly used VPN’s that can be found in your app store and on their websites are ExpressVPN, Norton Secure VPN, NordVPN, Betternet, TunnelBear and Hotspot Shield
Verify the Wi-Fi you should connect to
Going back to the fast-food restaurant analogy, while waiting for your food to be ready, you can ask an employee at the restaurant what the name of their Wi-Fi is. This act will protect you from logging on to a rogue Wi-Fi connection.
Only visit sites using HTTPS
Hypertext transfer protocol secure (HTTPS) is a protocol where encrypted data 5is transferred over a secure connection. Make sure the website you’re visiting contains “https://”. Double click into the address bar to know if you’re accessing the correct https page. Some sites will also display a lock icon or the word ‘Secure’ if it uses https.
Turn off file sharing and adjust your Wi-Fi, Bluetooth and AirDrop settings
File sharing allows anyone on the same network to gain access to any of the public folders on your computer. Disabling auto-connect on your devices will ensure that the Wi-Fi you connect to was done knowingly and not just because your device was searching for available Wi-Fi networks. Doing this also prevents attackers from airdropping or transmitting malware that will allow them access to your device.
Use two-factor authentication
Two-factor authentication (2FA) is an extra layer of protection used to secure an account, system or device. Sometimes when you log into your Gmail account after entering your email and password, you might see a next step that says ‘Verify if it’s you’. This next step is two-factor authentication. In this step, a verification code is sent via a text message, a different email address or a call so you can go into your account. A hacker might have to gain access to your email and password, but they won’t have this verification code. Always utilize this feature if it is available for the website, especially if you are going to be using public Wi-Fi.
Always remember that “One single vulnerability is all an attacker needs” so it’s better to be secure than open to a world of data breaches.
Whitney Fearon from Jamaica contributed this article. Whitney is a member of WISC (Women in InfoSec Caribbean), a Discord group from the G5 Cyber Security Foundation Ltd. Learn more about WISC at wiscaribbean.org. WISC is a non-profit initiative supporting Caribbean women and girls to develop a career in Information Security.