THE DANGERS OF PUBLIC WIFI
THE DANGERS OF PUBLIC WIFI
What Is Public WiFi and How Does It Work?
A public WiFi connection is any connection that is freely available to the public and allows you to connect to the Internet. These connections are normally free to users and may be found in public places such as airports, shopping malls, restaurants, hotels, and coffee shops. Most of us have learned to accept these WiFi connections as a favour, allowing us to stay connected no matter where we are.
Regardless of convenience, it’s critical to recognize the threats that connecting to public WiFi can present to your device or network.
This work is crucial not only for one’s own safety. But also for the safety of populations that may be particularly vulnerable online, such as K-12 students learning remotely. Senior citizens who are unfamiliar with dealing with online risks, and telehealth patients whose sensitive data may be exposed.
Fortunately, there are several relatively simple modifications that can reduce or eliminate these dangers. Let’s look at some of the most frequent threats, as well as some precautions that may be taken to keep consumers secure online.
Common Dangers
It is believed that a new cyberattack occurs every 39 seconds somewhere on the internet. While it’s hard to tell how many of those are caused by connections on insecure public WiFi networks, considering the low or non-existent security of most public WiFi networks, it’s fair to presume that a significant number are.
Here are a few of the most common dangers:
This is a type of eavesdropping in which a “man” (or device) in a connection between your device and the router, service, or website to which you connect over free public WiFi intercepts data sent to and from your device. Man-in-the-middle assaults often require spying or sniffing, and hostile actors can use low-cost, generally accessible, and simple-to-use hardware and software to carry out a man-in-the-middle attack, making it a low-cost and popular sort of attack.
NETWORKS THAT ARE NOT SECURE
Because public WiFi is typically provided for free, the routers used in these networks sometimes have factory settings and lack basic encryption. Any data you send or receive over the connection can be read by anybody who can intercept or eavesdrop on it if it is not encrypted.
MALWARE
Malware is defined as harmful software that allows an unauthorized user to access a system, device, or network. A hacker may be able to slide malware or viruses to you through an unprotected connection if your device or system has a software vulnerability.
MALICIOUS HOTSPOTS
A malicious hotspot is a rogue connection that misleads victims into believing it is a genuine network – for example, a free WiFi connection at an airport called “Airport Lounge” may be managed by a hacker.
DRIVING IN WAR
This is the sort of exploit in which the attacker drives about neighbourhoods collecting unprotected or unencrypted data from wireless networks in use in the target region. The information acquired can subsequently be shared online or used to target people in the region.
DENIAL OF SERVICE DISTRIBUTED
A Distributed Denial of Service (DDoS) assault via WiFi happens when an attacker overloads the network you are connected to, causing your machine to fail. Every day, it is estimated that 23,000 DDoS assaults occur on the Internet.
KARMA ATTACKS
Karma attacks use WiFi flaws and a lack of access point authentication to gain access to, control or transmit malware to network-connected targets.
How to Stay Safe When Using Public WiFi
As a general rule, the easiest method to prevent public WiFi security risks is to avoid using public WiFi at all. In an increasingly digital environment, protecting your students, patients, employees, and customers with a highly secure and controllable connection solution, such is the best approach to keeping people safe.
You need to update your Preferred Network List: Hackers can build rogue access points with the same name or network IDs that your device trusts. Therefore, you should remove (or have your device “forget”) WiFi networks that you do not use or need to access regularly.
Never, ever utilize a covert network: Normal WiFi access points broadcast beacons that carry information that adjacent devices need to identify and connect to the network, such as the network SSID and the type of encryption it supports. Hidden networks, on the other hand, require the user to have previous knowledge of the network. If you have devices configured to connect to your own trusted hidden network, those devices will regularly scream out the name of the network you concealed, making the network an open target for anybody who can intercept those beacon emissions.
Isolate users to their own subnets: Many organizations that provide WiFi to their consumers may make the expensive error of not restricting guests to their own subnets. Each user should only be able to communicate with the router and should not be able to scan other devices on the network or connect to any open ports if subnet isolation is properly implemented.
Disable file sharing: If you have file sharing enabled, files may be automatically transmitted and received, and a hacker may attempt to transfer dangerous data or code to your system via a file or program that your system would accept via open file sharing.
Only go to sites that employ HTTPS and SSL connections: HTTP sites can be dangerous. Therefore, making it a rule to only visit HTTPS or SSL sites minimizes your chances of being attacked. When utilizing public or unprotected WiFi networks, avoid accessing sites that require the entry of important information, such as your banking website.
Purchase or activate a firewall and enable network encryption in your network settings.
Prevent your device from broadcasting its presence: By turning off your service set identifier (SSID), your wireless device will not broadcast its presence and will be less likely to be located on a network. You should also alter the name of your device from the manufacturer’s default.
Invest in a PLTE network: If you are the principal of a school or a company, it may be useful to invest in a PLTE (Private LTE) network in which you own and/or manage the network or receive some level of preferential treatment from your carrier regarding capacity. This can eliminate the need for public WiFi for good, enabling your students and workers to have fast, secure, and cost-effective access wherever they go.
To summarize, be cautious in whatever you do online, especially while connecting to a public WiFi network. Making these exercises a habit, as well as searching for methods to invest in secure and dependable wireless access for your students, staff, and community, are the most effective strategies to counteract these assaults and keep everyone safe.
UK Cyber Security Group Ltd is here to help
Please check out our Cyber Essentials Checklist
Please check out our Free Cyber Insurance
If you would like to know more, do get in touch as we are happy to answer any questions. Looking to improve your cybersecurity but not sure where to start? Begin by getting certified in Cyber Essentials, the UK government’s scheme that covers all the technical controls that will provide the protection that you need to help guard against criminal attacks. Or just get in touch by clicking contact us