Being connected to the internet or online has almost become something most people take for granted. For business reasons, many people need this constant connectivity with their laptops or their phones to stay connected and productive. This need has caused free WiFi to pop-up just about everywhere.
Most cafes, workspaces, and public buildings usually offer some kind of free WiFi. Guests and customers demand it and businesses like that it makes customers stick around longer and hopefully spend more money.
According to a Forbes survey, 35% of the population will access free WiFi multiple times a month. And 40% of those accessing free WiFi have had their information compromised.
But while free WiFi can be great for productivity, there are risks to using public WiFi. Being free, anyone can access it, including those with nefarious intentions.
In this article, we’ll go over the dangers of public WiFi, how hackers exploit these issues, and ways to prevent them to keep your data and privacy secure.
Why Is Public WiFi Dangerous
It’s important to understand the key difference between something like an open WiFi network and your home or office network that you may log into.
A home or office network almost always requires authentication. This means that all users must have valid credentials before logging on. Also, all users logged in are part of a record, so anyone who happens to be up to no good can usually be exposed rather easily.
Also, many office networks have built-in security features such as zero-trust architecture or ZTA. This means users are constantly being authenticated as they move through the network or access different resources. So even if a password is compromised, the attacker may be detected when they start trying to access sensitive areas or unusual areas.
Networks use many systems such as ZTA to keep networks secure and most users are totally unaware they are being used. But it’s these hidden systems that keep everything so secure.
By contrast, a free WiFi setup or unsecured WiFi has none of these advanced features. Being free and open to the public means most standard security practices have to be abandoned. This creates a situation with zero authentication and what essentially becomes the opposite of zero-trust and instead becomes “trust everybody”.
When talking about open network security risks, the notion of “trust everybody” is not what you want and opens the door to all manner of attacks, which we’ll touch on next.
What Is The Danger Of Using Public WiFi Connection
The biggest danger is that it exposes your devices and data to various specialized attacks that hackers have developed to work in conjunction with free WiFi. These specialized attacks can be difficult to detect if you’re not aware of the warning signs.
Below are some of the most common attacks that hackers use when exploiting public WiFi networks.
The Most Common Security Risks With Free WiF
There are several key vectors of attack that hackers and others will use to exploit free WiFi. These are the core types of attacks, although there are variations on these methods which then create even more security issues
Unencrypted Network Traffic
Secure networks either at your home or office will almost always have advanced encryption enabled.
Encryption in a WiFi scenario means that the data moving between your device and the router is encrypted using various methods that range from basic methods to more advanced ones. This means that anyone intercepting that data will have to decrypt it to find any use for it.
Most hackers are looking for easy targets, not difficult targets. So even basic encryption is enough to force hackers to move on to another target. The only reason a hacker would bother trying to break strong encryption was if they knew their specific target had some juicy information they wanted.
But most hackers on free WiFi are essentially just fishing for information until something they feel is useful pops up. This can mean credit card info or personal information to help them commit identity theft or fraud.
With free WiFi, it’s very possible that encryption was never enabled and it’s difficult for many users to even know if their signal is encrypted or not.
Because of this, you should never send sensitive data over a public or free WiFi system. You should always assume your data is free for anyone to read when on free WiFi.
Fake Or Malicious WiFi
One of the more dangerous risks when trusting free WiFi is that you may end up connecting directly to a hacker’s network access point instead of that of the network you want to connect to.
A hacker can easily use a device they hold or have in a bag to create a strong WiFi signal. This signal can overpower the other local signals and appear to be more appealing. They will likely also give it a similar name to networks in the area, such as the name of the coffee shop where you happen to be.
When you connect to this fake WiFi, you are essentially connecting directly to a hacker and exposing your personal information. They now have all access to the data you send or receive without any restrictions. Not only that, they can now move on to other forms of attacks on your system and even plant software.
To avoid this, always check the name of the public WiFi networks you are connecting to and check the other names as well. Make sure there are no duplicates or similar-sounding ones. This can be a clue that one is a fake.
Also, feel free to ask an employee at the business what the network is called. If you frequent the business, you only need to ask this once and then you will always know which connection is the true one.
This is a simple security step and one that can help avoid one of the biggest threats that come with using free WiFi.
Malware
Although more difficult, connecting to public WiFi or malicious WiFi can allow malware to be installed on your device.
This is a slightly more sophisticated attack and will require extra steps by the hacker. But it also gives them virtually unlimited control of your device even when you leave the free WiFi hotspot.
This can also be hard to detect, so your device may be compromised for some time before you even know it.
For this attack to happen, it will generally require you to perform some action that unknowingly helps the attacker. For example, you may click on a link that is fake, something referred to as “phishing”.
An example may be a pop-up window saying you need to register to use the free WiFi. The link may go to a page controlled by the hacker. This can then be used to cause you to download malware or even have it placed on your device if the hacker has enough access.
Avoid this by always checking links before clicking on them. Also, you should never download any app or software before thoroughly vetting the source.
Man-In-The-Middle (MITM) Attacks
MITM attacks are very common in the hacker community and it’s one of the more common ways that cybercriminals obtain sensitive data or login credentials.
These middle attacks can be similar to the previously mentioned fake WiFi hotspots, but hackers don’t need a completely false network to pull this off, which can make them tricky to detect.
There are several ways that hackers can place themselves in the middle of your communication without you knowing.
Packet Sniffing
Data is sent between your device and the network in segments that are called packets. These packets contain the data being sent as well as information about the data, sender, and network itself.
Hackers can use inexpensive tools called packet sniffers which detect these packets moving on your WiFi connection and then look for vulnerabilities. They can either spoof packets or inject false packets into the communication which can lead to your device being compromised.
SSL Stripping
You’ve likely heard of SSL certificates where the SSL stands for Secure Socket Layer. It’s a type of encryption websites use to ensure data transmitted is secure. However, hackers can use a MITM attack to strip packets of SSL information and then gain access to the non-encrypted version. This would mean a connection to an HTTPS address is now treated as an unsecured HTTP connection.
Session Hijacking
In this type of attack, the hacker can essentially steal your current “session” while connected to various services such as social media platforms. Even though they don’t have your password, by hijacking your current session, they now have access to your account as if they were logged in.
To avoid MITM attacks, you can use the following tips:
Only connect to the legitimate version of a website or network. This may seem obvious, but as we work and are busy, it’s easy to click on a link that looks like the legitimate address but it has one letter changed. This happens all the time and the user is now immediately compromised.
Strange pop-ups are also something to be aware of when on an unsecured network. Any pop-up that states there is an issue with your system or that you need to log in to something should be taken with extreme caution. Always confirm these are legitimate pop-ups before following their instructions or entering any information. If in doubt, close them, close the connection, and restart your device.
Offering Free WiFi Can Also Be Risky
If you’re a merchant or business owner, you may offer free WiFi to your customers. This is a great service and can help you attract and keep more paying customers in your store. However, there are a few risks involved in doing this.
You can continue to offer free WiFi but make sure to take a few precautions as well.
Use Encryption If Possible
Make sure your router has encryption enabled. If possible, use WAP 3 or at the minimum WAP 2. Anything below these is not adequate, such as WEP or TKIP. You can change these settings by directly accessing your router via a network cable and accessing the admin control panel.
Segment Your Free WiFi From Your Business Network
Don’t share the same network that contains the free WiFi and your internal business network. These need to be totally separate and even air-gapped if possible. By sharing these resources you are essentially rolling out the red carpet for hackers.
Also, if you’re a merchant processing credit cards, none of your POS devices or terminals can be connected via public WiFi. This is a huge security risk and will likely put you out of compliance with PCI guidelines and your processing agreement.
So always keep these systems separate if offering free WiFi to your customers. You can also post information about WiFi safety and security, such as the WiFi name, to help customers protect themselves as well.
How To Protect Your Data On Public WiFi
So, is public WiFi safe?
All of these methods of attack may make you want to never use free WiFi ever again. But free WiFi can be a useful tool as long as you follow basic security measures. Below are some tips to help mitigate many public WiFi risks
Use A VPN
A virtual private network (VPN) allows you to connect securely to your own network even if using free WiFi. While this doesn’t offer total security, it adds a huge layer of safety, and often a hacker will simply ignore encrypted data unless they are specifically targeting you.
VPN services are often inexpensive and they have services that can be added to a variety of devices. If you use free WiFi on a regular basis or work remotely, consider a VPN for an added layer of security.
Always Check Website Addresses
Always check the website you are visiting before logging in or sharing data. This means carefully reading the address to make sure it is not fake or spoofed.
Also, check that all websites you connect with have the prefix “HTTPS” and not just HTTP. HTTPS means the connection is secure. Some browsers will show a padlock or other icon when connected to a valid HTTPS address.
Finally, always check your links. Never click on a link unless you know the source and that the link is secure. Even friends and coworkers can mistakenly send malicious links without knowing.
Turn Off Automatic Connections
Ensure your devices do not automatically connect to public WiFi networks. Many people have this feature enabled to make their communications easier, but it’s a huge security risk.
Turn this feature off and manually connect to networks only after having confirmed they are legitimate and secure.
Don’t Send Or Receive Sensitive Information
Recent studies also found that 20% of free WiFi users will make financial transactions while on the public network and 39% will access some sort of sensitive data. Be warned however, if you’re on free WiFi, this isn’t the time to access your bank account or trading account.
Even if using the tips above, it’s still far too risky to access highly sensitive sites using free WiFi. Wait until you’re home or use a secured connection. If a hacker gains access to your financials you are sure to be dealing with unauthorized transactions, becoming a victim of credit card fraud.
You should also avoid shopping or submitting your credit card information while connected to free WiFi hotspots or a public network.
Disable File Sharing
Make sure to disable file sharing on your devices that connect to free WiFi. When file sharing is enabled, the dangers of using public WiFi can be greater if your connection or device is compromised. A small vulnerability can suddenly become a big security issue if you have file sharing enabled and are compromised.
Use Antivirus And Anti-Malware Software
Always use up-to-date antivirus and antimalware software. This is critical to ensuring your device is protected. It’s also important that these are up to date and the license is current.
When using these programs, turn on automatic updates so they will update whenever new versions are available. Also, turn on real-time protection. If your device performance drops when using real-time protection, at least use it when connected to free WiFi.
Use Multi-factor Authentication
Although this won’t prevent certain risks from public WiFi, it will protect you if your passwords are ever compromised due to using free WiFi.
Multi-Factor Authentication (MFA) or 2-Factor Authentication (2FA) adds an additional authentication layer beyond just a password.
For example, using a 2FA app like Authy creates a one-time code when logging in to specific websites. You need both your password and this one-time code to log in successfully. Even if a hacker has your password, they cannot get into the site if they don’t have the additional 2-factor code.
Consider using MFA or 2FA for sensitive websites you access. This includes banking, business sites, and other sites where a security breach will be extremely harmful.
Don’t Use Outdated Software
Outdated software is one of the biggest risks when it comes to security. Outdated software is no longer updated or supported. This means that any security flaw found in the software is left open forever. Hackers learn of the vulnerability and then begin to seek out this version of the software as an easy attack.
This includes web browsers, operating systems, and most other types of software that connect to the internet.
Consider turning on automatic updates for all of these tools to ensure you are always up to date. If a piece of software is no longer being updated, you should find an alternative.
More Help With Security And Free WiFi
Using public WiFi can make our busy lives much easier. We can connect and keep working wherever we happen to be. But it does have risks associated with it that need to be taken seriously.
By following the advice in this article, you can easily mitigate a majority of the risks that come with using free WiFi while still enjoying virtually all of the benefits. These tips will help you and your customers stay safe on public Wifi.
If you’re a business or merchant that offers free WiFi and are concerned about security, contact ECS Payments. We are a leading payment processor and can help merchants leverage the latest payment solutions and security features to grow their businesses.
Contact ECS Payments to learn more about our merchant services and processing solutions.
