In a world where almost everything comes with a price it’s sometimes nice to have at least free wifi. But starting with such a poetic intro here actually comes the real concern: how to use Wi-Fi for free and keep your data private.
Many people don’t realize it but using public Wi-Fi puts you at a great risk of losing confidentiality of your data and many other unpleasant consequences of poor cyber hygiene. A wireless access point (WAP) or just access point (AP) allows you to connect as many as possible wifi devices to a wired network.
The danger comes from within. In all public places like hotel rooms, public transport, libraries, coffee shops, restaurants, airports, shopping malls, etc. often lack some important security measures. And we are not talking here only about passwords.
Why is Public Wi-Fi Insecure?
The public Wi-Fi network can be considered insecure for several reasons that can lead to further compromise of your device and data. Any public wifi will surely have some of them that you should be aware of in order to have some countermeasures already prepared in case you would need to use a public wifi network. You also would not necessarily have some of them immediately but rather when there’s one then here comes the another. Using tips and tricks you will be able to protect yourself and use public Wi-Fi safely. To be short, here are the reasons why it is important to secure your Wi-Fi network:
- Theft of personal information. If you get hacked on any public wifi network the most serious loss could be of your personal info including banking logins, social security number, etc. Once a threat actor manages to obtain some of them they can infer further damage to you.
- Potential cyberattacks. We mean here the risk of getting malware that depending on the nature of it can also bring no less “pleasant” consequences. It can be something like an infostealer or trojan but sometimes other interesting representatives of this specific fauna.
- Unencrypted connection. Some websites have unencrypted connections that puts a user on the public wifi to significant risk.
- You don’t control network network security settings. You have not set up passwords and also don`t know if there`s encryption in place.
- Outdated router software. If it’s outdated then there’s a huge amount of exploits for anyone willing to go after your device and data.
- Misconfigured Wi-Fi routers. Configuration means setting general wifi router settings like LAN (Local Area Network) Setting, DHCP (Dynamic Host Configuration Protocol) Setting, WAN (Wide Area Network) Setting, etc. For those threat actors who would know how to exploit any of the security breaches in one of these elements, misconfiguration of them gives an excellent try.
IMPORTANT: The Emotet Trojan tries to spread through available Wi-Fi networks1. Once it finds an available network, Emotet tries to guess the credentials to access it. If the attempt is successful, the malware searches the new network for all Windows machines that might also be infected.
Hackers Can Use Public Wi-Fi
How to use Wi-Fi for free and keep your data private2 is a very important topic to research. If you are intrested how exactly you can get hacked while using public wifi then it`s the next “challenge” for threat actors:
- You can get your session hijacked. During a session between your computer and some website an attacker can intercept the connection and pretend to be on the backend of the website you were connecting to. Because you’ve already logged in the attacker can have all the access, for example, to your banking account.
- You can get infected with a malware3. If you use public wifi you put yourself at a risk of a malware infection. It can be ads on the websites you visit that usually don’t have ads or it can be a much more serious threat like some info stealer.
- You can have your packet sniffed. It may sound funny but actually it’s not as funny as you’d think. In simple words anyone that is on the same connection as you can view what you are transmitting over the wifi network. Of course it’s possible if the connection is unencrypted, which in most cases is true for the public wifis.
- You can become victim of a Man-In-The-Middle Attack. When conducting this type of an attack the threat actor will set their own hotspot similar to the one, for example, of a hotel you`re currently staying in. The hotel named their wifi WellSleep but the attacker`s could be named WellSleap. Everything you will do while connecting to this fake public wifi will be on the attacker`s computer like login information,personal info, passwords, etc. Pay attention to this so that you can use public Wi-Fi safely and without threats.
Protect Your Information: Use Public Wi-Fi Safely
We’d say it’s better to use your own smartphone as a hotspot but if it can`t be an option then a user should stick to some security measures to have safe and secure usage of public wifi. In all their bad light public wifis can sometimes really help you when you urgently need to connect to some website or just check the currently needed information. Don`t forget to use them every time you decide to connect to any public Wi-fi in a hotel or airport:
1) Use Antivirus. The most basic thing of today`s cyber hygiene. Use a special antivirus solution to protect your device in case of a malware cyber attack. Also don’t forget to check if you will be running the latest version of an antivirus solution. Set an alert for any future malware encroaching on your device`s safety and security. One of the profitable and working methods is Gridinsoft Anti-malware.
2) Also use a firewall. Firewall doesn’t allow any external threats to come to your system. It can be considered a complete protection but having one on the security guard of your device won’t be a waste of time and effort. You already have the inbuilt firewall in your system just go to check if it’s enabled or not. This is one of the recommendations that will help you use public Wi-Fi safely.
3) Use HTTPS. If you don’t use VPN then it’s very important for you to look only for those sites that have the encryption in place. The encryption means that the connection between the web server and browser is secured and no one except you can access the shared data. Most browsers will have a padlock to show that the connection on this website is secured.
4) Use Virtual Private Network. A VPN (Virtual Private Network) allows you anonymously to surf through the internet without anyone knowing your actual location. The tool also helps you to encrypt your data traffic so when you are using an unencrypted connection on some website your data will be secured. It creates a protected tunnel that your data will be passing through making it unobtainable by threat actors. Using a VPN will help you use public Wi-Fi safely and without threats to your personal data.
5) Verify public wifi network, configure it and turn off sharing option. Before you connect to any public wifi network go and ask for the right name for it. Check with an employee if that is the right wifi hotspot you are looking for. If you have this set then put the important for your safety security settings like disable sharing file option, right after you are done working with the public wifi network put the optin forget it so you won’t be automatically connecting to it once you will come to the place again.
6) Don’t access or send any sensitive data. To be hundred percent sure your highly sensitive data won’t get exposed while you are using a public wifi network it will be better not to work with it at all. Simply because you don`t know for sure if the apps you are using don’t have any flaws themselves that will allow threat actors to access your sensitive data.
7) Use 2-Factor Authentication. In case a threat actor will manage somehow to obtain your login information they still could not use it. Because in this security method apart from entering your login information you will also have to enter a code sent to your phone to additionally check your identity. Any website that deals with highly sensitive information will have this one that works as a secondary authentication method.
8) Pay attention to any warnings arisen. Always attend to any notifications that will appear on your phone as they might indicate the compromise of your device, let it be fake notifications created by malware or the actual system alert. The same goes for the websites because most browsers will warn before you proceed to the website you want to visit. Don’t just be careless and instead be your own first security guard.
8) Install browser add-ons or plug-ins that will help you to boost the security. You can use special add-ons in your browser to help you with the encryption of website connection. For example in the Firefox browser you can install HTTPS-Everywhere and Force-TLS that makes the browser apply the encryption on popular websites that don’t have it. But they do not work on every website so you still have to look for the padlock in the address bar.