Keeping Your Data Safe on a Public Wi-Fi

safe wifiWi-Fi makes internet access comfortable and seamless, thanks to its presence in virtually every home, office, university campuses, and various public spaces. Wi-Fi networks utilize radio waves — transmission media similar to the ones used by mobile phones and televisions to connect to a router, which then connects to the internet via a dial-up modem or cable. While super handy, its wireless nature gives rise to an array of cybersecurity vulnerabilities, making public hotspots a danger zone.

Public Wi-Fi Usage Statistics

According to JiWire’s Mobile Audience Insights Report (pdf), in the third quarter of 2013, about 85 percent of public Wi-Fi hotspots in the United States were free. The fact that a wireless network can be accessed within 300 feet from the wireless access point makes it easy for anyone — including hackers — to have access to the network.

Most Wi-Fi users only use free Wi-Fi without realizing the risks associated with it. As desirable as free Wi-Fi is to public users, it is also a joyride for hackers. Since there’s no authentication required for users to have access to public Wi-Fi, hackers can easily position themselves between the users and the access point, thereby gaining access to the information meant to go to the access point.

Apart from this, any information being sent via the internet — e-mails, credit card data and sensitive personal information — can be intercepted and exploited by hackers for malicious reasons. In addition, it is usually easy for them to distribute malware via unprotected Wi-Fi and implant virus on computers that enable file sharing on the public network. Some hackers find their way to the access point itself and send alerts to users’ computers offering some form of promotion or software upgrade. Once the person clicks this link, button or popup, the malware gets installed on the PC.

Dangers of Using Public Wi-Fi

The advantages public Wi-Fi poses are numerous and cannot be totally ruled out. However, it is pertinent to aware of the risks. These are some of them:

Packet sniffing: This malicious act is achieved through the use of software sniffers. With the use of this software, hackers are able to “eavesdrop” or “spy” on the activities carried out by the unsuspecting user without permission. This works the same way as wiretapping of cellphones. It gives malicious actors access to every email, file, web search and history, passwords entered on websites, images viewed and account information. Most times, the compromised user has no idea that these details are being captured.

Rogue access point: This is an unauthorized access point set on a public network in order to provide access to it. This access point can be set up using a physical device or through the installation of a software on the router or device. It enables the hacker to remotely attack any vulnerable user within close range or several miles away.

Man-in-the-middle attack: Here, malicious actors position themselves between the victim and the entity on the receiving end of the user’s message. The man-in-the-middle more often than not poses as the receiver of the information — legitimate enough for the victim not to suspect any foul play. The “man in the middle,” after intercepting the message, then goes on to decrypt the encrypted messages (if any) being sent between both parties.

Staying Safe

There are several other ways by which personal and sensitive data can be exploited through public Wi-Fi networks, but discussed below are general ways to keep your devices and personal information safe if you have no choice but to use public Wi-Fi:

Virtual private networks (VPNs): A VPN is one of the major ways for connecting to the internet securely, whether on a public or private network. A VPN typically enables you to create a secure connection to the internet and also masks your location by providing an IP address different from the one assigned to you by the access point.

Once you’re connected via VPN, it take extra effort for a hacker to go through layers of encryption, which might end up being unsuccessful and tedious. Since most hackers are often after easy prey, they simply discard such users and move on to more vulnerable ones. As an added advantage of using VPN, you can also access region-restricted websites and perform functions they were previously unable to.

SSL connections: In the event where a VPN connection isn’t readily available and there’s an urgent need to access the internet, the use of SSL connection helps add a layer of security to your communication. It is usually advisable to enable the “always use HTTPS” option, as seen on most websites that are visited regularly. Most reputable websites that deal with sensitive account information usually have the “HTTPS” prefix before their website URL, so it would be a good rule of thumb for every user on a public network to look for this before filling in any sensitive details on any website.

File sharing: When connecting to the internet at public places like coffee shops, there is likely no pressing need to turn on the file sharing option on your device. Turning this off from the control panel or system preferences options, depending on your operating system, goes a long way in making sure your files are secure on a public Wi-Fi.

Internet security solutions: Such solutions include antivirus or anti-malware software, which scans every file coming into your device and warns you of any potential threat that might have a negative effect. Such solutions also warn users of malicious links or website URLs that might have been previously flagged or have phishing content.

Ultimately, prevention is better than cure, therefore it’s best to use your own mobile data or Wi-Fi. But if you’re in a dire need to use public Wi-Fi, use the above security measures.

About The Author

Jack Warner is an accomplished cybersecurity expert with years of experience under his belt at TechWarn, a trusted digital agency to world-class cybersecurity companies. A passionate digital safety advocate himself, he frequently contributes to tech blogs and digital media, sharing expert insights on topics such as whistle-blowing and cybersecurity tools.