Cyber Basics: Beware of Public Wi-Fi

It’s a typical scenario: you find yourself waiting for your morning coffee and decide to check your work email. You notice that the coffee shop has a public Wi-Fi network, and you join without a second thought. But as the availability of public Wi-Fi continues to grow in popularity, the opportunity for users to fall victim to hackers grows as well. So what exactly are the dangers of using a public network?

When you use a private Wi-Fi network (a network that requires a passphrase for connection), your data is usually protected by a degree of encryption. Encryption helps protect your sensitive information and browsing history by scrambling data in transit so that even if someone gains access to it, they will be unable to read it. But when you connect to an open Wi-Fi network, it is generally unencrypted, making it possible for other users to intercept your personal data, including usernames, passwords, and banking information. This makes public Wi-Fi networks like those provided by coffee shops and airports potentially dangerous places to do online banking or even shopping.

There are three main types of attacks orchestrated through public Wi-Fi: man-in-the-middle attacks, rogue Wi-Fi networks, and Wi-Fi sniffing.

caitlin.stephenson_blog

1. Man-in-the-middle attacks are simple to do. Anyone can buy software online that can capture and analyze somebody else’s browsing history on a public server. The hacker intercepts the link between you and the Wi-Fi connection point, giving them easy viewing access to your activity and private information.

2. Hackers can easily create their own “rogue” Wi-Fi hotspots. These hotspots are disguised to look like trusted public networks and could even be given names such as “Hotel Lobby Wi-Fi” or “Free Café Wi-Fi” to encourage public use. Once you connect to a rogue network, the hacker has easy access to your private information. It is also easy for you to accidentally download malware created by the hacker.

3. When your computer connects to a network, information like usernames, passwords, and files are passed back and forth between your computer and the network. During this process, hackers are able to use Wi-Fi “sniffing” to snoop for information. With this method, attackers can use software to capture the information being sent between the computer and the network. They can then analyze this data for your login information and cookies on several websites whenever they wish. This process is not always illegal, making it difficult to combat once you’ve fallen victim.

Despite these dangers, there are a number of things you can do to protect your privacy. Tools like the HTTPS Everywhere browser extension can help you stay on encrypted sites. In fact, many websites, including Facebook, already utilize HTTPS to ensure user safety. HTTPS encrypts websites so that your information stays safe even while on unsecure networks.

If you would like to take additional precautions, you can invest in a Virtual Private Network (VPN). VPNs will connect you to a secure, remote network through the internet, allowing you to access your information privately. While free VPNs are available, you should approach these with caution. Popular VPNs include Golden Frog’s VyprVPN or the OpenVPN.

If you don’t want to invest in a VPN, there are still basic measures you can take to keep your information safe. On Windows devices, always select the public network option when connecting to public Wi-Fi. In doing so, your computer will automatically turn off file sharing and public folder sharing in an effort to combat malicious software. Alternatively, you can turn off sharing (under “System Preferences” or “Control Panel” for Mac and Windows, respectively) to ensure you are not accidentally inviting hackers to view your data. You can fight malware by downloading software like Norton, which can detect corrupt files, and by only downloading and opening files that come from a known and trusted source. Always be sure to leave your firewall enabled and updated.

It’s important to keep in mind that your smartphone could be vulnerable as well. To keep your information safe, properly close your apps when not in use as they may continue to share information while running in the background, and turn off the Wi-Fi and sharing settings when not in use.

Your information doesn’t have to belong to anyone else. Just be sure to do your part in protecting your data.