How often do you check your work email when you’re at Starbucks? Do you enjoy online shopping while you sip your coffee? Public WiFi is one of the most convenient and useful features of today’s society. However, using public WiFi comes with many serious security risks, yet the overwhelming majority of Americans do it anyway. In a study by privatewifi.com, 75% of respondents admitted to connecting to their personal email while on public WiFi.
There are many ways a hacker can access your data while you’re on public WiFi. The most common method is “Man in the Middle,” where traffic is intercepted between a user’s device and the destination by tricking the user’s device into thinking the hacker’s machine is the access point to the internet.
There are many horror stories about public WiFi out there, one of which was known as “Dark Hotel.” Dark Hotel ran for 7 years and is believed to be a sophisticated economic espionage campaign. It targeted CEOs, government agencies, U.S. executives, NGOs, and other high-value targets while they were in Asia. When they connected to what they believed to be the hotel’s public WiFi, they actually connected with a hacker who pushed them prompts for software updates. The hacker used what is called a rogue hotspot, which usually carries a similar name to a legitimate hotspot. The “software updates” were actually malware that could sit inactive and undetected for months before being remotely accessed to obtain sensitive information.
So what are some ways to avoid a public WiFi hacking incident? Below are some tips:
1. If you must use public WiFi, also use a virtual private network (VPN) to secure your connection. A VPN creates a secure tunnel where data sent over a WiFi connection is encrypted.
2. Don’t log in to password-protected websites that contain sensitive information when using public WiFi. Examples are banking, social networking sites, and email.
3. Keep your software patched and up to date on all of your devices.
4. Don’t use public WiFi to shop online or do anything with your credit card.
5. Implement two-factor authentication when logging into sensitive sites.
6. Only visit websites with HTTPS encryption when in public places.
7. Turn off the automatic WiFi connectivity feature on your phone, so it won’t automatically seek out hotspots.
Offering internet isn’t enough; there is a quality of service and expectation that the users won’t get compromised if they connect to a wifi network or any other network service. Email us today at firstname.lastname@example.org.