Public Wi-Fi: Secure Your Connection, Protect Your Data & Stay Safe

Sajith Kumar, CIO, Happiest Minds Technologies Sajith boasts of having 26 years of Corporate Experience, during which he has worked with Ranjith Computers,Wipro,and MindTree, and has been associated with Happiest Minds for seven years now.

In the recent past, employees have been increasingly asking for open access to corporate Wi-Fi and the example they quote is of the availability of public Wi-Fi. Post that, I have been pondering over the safety versus risk associated with public Wi-Fi.

Anything that’s free comes at a price, and so does free public Wi-Fi! People try finishing tasks such as bank transactions and responding to e-mails while connected to hotspots at popular places hotspots that are probably not secure; a majority of which are very basic and have no focus on security.

Risks associated with public Wi-Fi
While public Wi-Fi has been a great boon to people in need of the Internet on the go, it is an even greater boon to hackers. There are no restrictions on individuals who want to put up their own hotspot with genuine names and hackers can configure these devices to get access to unsecured, unsuspecting devices or users’ private information. Instead of communicating securely with the servers, users could be sending sensitive information such as securitycredentials, financial data and other confidential information to identity thieves and cybercriminals who can easily misuse the data or even access the user’s system at leisure.

It is safe to assume that public Wi-Fi networks are never secure. Passwords of such networks are shared, and hence, literally anyone can effortlessly jump onto the network and stalk you online. Unsecured Wi-Fi connections are also a favorite route for distributing infected software and malware.

Types of attacks possible on a public Wi-Fi
Business owners believe they are providing added value by offering Wi-Fi to their customers. Unfortunately, security on such network connections is sloppy or non-existent. Let’s look at the types of cyber attacks users are susceptible to.

Malicious Hotspots: At times, users are not even aware of whose network they are joining. Setting up a wireless hotspot and giving it a desired network name(Service Set Identifier or SSID) is easy. By doing so, hackers lure users to join the network assuming it is legitimate. This hotspot becomes the channel for all data exchange, and the attacker is able to view and harvest sensitive/confidential information.

Imagine sitting at a cafe. You are likely to connect to a hotspot named after the cafe. But, what if the hotspot was on a hacker’s smartphone? The attacker will have access to all your data, including passwords.

Man-in-the-Middle(MitM) Attacks: The easiest way to trap an unsuspecting user, this is a form of eavesdropping where the hacker routes all data traffic from the unsuspecting user’s computer/ handheld device and the destination website/online service through a device or program that is specifically setup for this. The hacker is able to read all data that is transmitted, and then uses it either offline or by modifying it for the same transaction.

A security breach in 2011 tricked DigiNotar's system into issuing an intruder over 500 fraudulent digital certificates. These fraudulent certificates were then utilized in MitM attacks. The impact was so severe that the Dutch certificate authority had to file for bankruptcy.

Unencrypted Networks: While on public Wi-Fi, there’s no real need for providing security or implementing a complex encryption mechanism.
Hackers can easily intercept the signal using a phony hotspot or tampering software. Even Wi-Fi protected access 2 (WPA2)encryption that encrypts traffic between the wireless AP and the client isn’t strong enough, as anyone with the password can still sneak in. The password itself may not be complex.

Steven Pet row, a writer at USA Today, got hacked midair while writing an Apple FBI story. He was using paid, inflight Wi-Fi service and thought it was safe. At the airport terminal, the hacker announced to the journalist that he had accessed his files and e-mails luckily, only to make him realize the perils of using public Wi-Fi without a complex encryption mechanism.

Malware Distribution: Hackers are able to distribute malware quite effortlessly via a compromised public Wi-Fi hotspot. They inject malware by taking advantage of vulnerabilities in the network or software or operating system, and once that is achieved, they are able to misuse data without the user’s knowledge.

DarkHotel, the group active for over a decade, targeted business travelers across the globe with malware attacks using Wi-Fi in luxury hotels.

Snooping & Sniffing: Cybercriminals use special devices and software to indulge in Wi-Fi snooping and sniffing. Identity thieves eavesdrop on Wi-Fi signals and then access everything that the user does.

A Kaspersky Lab research in 2016 discovered that over a quarter of public Wi-Fi hot spots in malls did not have basic security controls. Another study showed that risky Wi-Fi networks were utilized in five of the 10 busiest malls in the U.S. 14 risky Wi-Fi access points were present in a single mall in Las Vegas. Hackers look for such connections and may use packet sniffers to intercept traffic.

Should you Use Public Wi-Fi?
No! Use your own secure hotspot when possible. Hackers can access every piece of information that is sent out when connected to public Wi-Fi. But unfortunately, in spite of warnings and huge investments in educating people to understand the perils of using public Wi-Fi, many still think that they cannot become cyberattack victims. It’s time we realized any detail shared or accessed on public Wi-Fi is as good as gone.

If you have to Use Public Wi-Fi, how do you Stay Safe?
Today, the growing popularity of mobile Wi-Fi highlights the fact that Internet security issues and public Wi-Fi risks are also growing significantly. The easiest way to stay safe from cyberattacks is by investing in an unlimited data plan which can eliminate the need to connect to a public hotspot. But, if you ever find yourself in a situation where this is not possible and you have to connect to public Wi-Fi, here are a few recommendations. Disable the automatic connection option within the Wi-Fi settings to stop your system or device from connecting to public or open Wi-Fi networks without consent. Use a corporate or any other virtual private network (VPN) to secure your connection and keep data encrypted in transit. Please do evaluate the VPN provider before you actually use the VPN. Some of the VPN tools that can potentially be used have been listed in the next section of this article.

If you do not have access to VPN, use only SSL/https connections. Enable the ‘always use HTTPS’ option on websites, especially those that need you to enter your credentials or would need confidential data to be uploaded/shared. Do not enter your personal identification number(PIN) or passwords or access any personally identifiable information(PII) unless you are sure the connection is secure encrypted via HTTPS or VPN.

Disable file sharing by going to system preferences or the control panel on your system.

Ensure your software is always patched and updated.
Enable your firewall and use an antivirus that can help detect malware. Do not accept the Wi-Fi supplier’s terms and conditions without fully reading and understanding what you are agreeing to.

VPN Tools and Other Alternatives to Stay Safe from Cyberattacks!
VPNs allow users to access region-restricted websites, protect browsing activity from hackers, etc. That way, even if a cybercriminal succeeds in getting in between your system and the destination website/service, your data will stay strongly encrypted. Decrypting data can be quite a lengthy process, and hence, the hacker may simply discard your stolen information and go after an easier target.

Norton Secure VPN, PureVPN, ExpressVPN, VyprVPN, Ivacy VPN, NordVPN, VPN Unlimited, Buffered VPN, IPVanish, PrivateVPN, and SaferVPN are some of the popular VPNs available in the market. These are great alternatives to public WiFi networks, and while they require a small investment, the peace of mind and security they provide is well worth it. You will also find free VPNs such as Hotspot Shield Free, TunnelBear, Windscribe,Speedify and ProtonVPN. Some of the Android phones have a built-in VPN service and can also be a choice.

In case you do not have a VPN connection already configured on your device and are unable to do so before connecting to public Wi-Fi, ensure that your session is encrypted every single time you connect to any website over the public Wi-Fi. The text in the URL field should begin with HTTPS. Make sure that your entire session stays encrypted.

Remember, anyone can be a hacker and your data is valuable. So, next time you want to connect to public Wi-Fi at the airport, hotel, coffee shop or mall, think twice.