Being connected to the internet or online has almost become something most people take for granted. For business reasons, many people need this constant connectivity with their laptops or their phones to stay connected and productive. This need has caused free WiFi to pop-up just about everywhere.
Most cafes, workspaces, and public buildings usually offer some kind of free WiFi. Guests and customers demand it and businesses like that it makes customers stick around longer and hopefully spend more money.
But while free WiFi can be great for productivity, there are risks to using public WiFi. Being free, anyone can access it, including those with nefarious intentions. According to a Forbes survey, 35% of the population will access free WiFi multiple times a month. And 40% of those accessing free WiFi have had their information compromised.
In this article, we’ll go over the dangers of public WiFi, how hackers exploit these issues, and ways to prevent them to keep your data and privacy secure.
The Difference Between Public and Private Wifi
It’s important to understand the key difference between something like an open WiFi network and your home or office network.
A home or office network require authentication. This means that all users must have valid credentials to log in. Also, all users logged in are part of a record, so anyone who joins the network with malintention is easily exposed.
Additionally, many office networks have built-in security features such as zero-trust architecture or ZTA. This means users are constantly being authenticated as they move through the network or access different resources. Therefore, even if a password is compromised, the attacker may be detected when they start trying to access sensitive areas or unusual areas.
Most users are totally unaware of the underlying ZTA security. But it’s these hidden systems that keep everything secure.
By contrast, a free WiFi network or unsecured WiFi has none of these advanced features. Being free and open to the public means most standard security practices have to be abandoned. This creates a situation with zero authentication and what essentially becomes the opposite of zero-trust and instead becomes “trust everybody”.
A “trust everybody” network opens the door to all manner of attacks, which we’ll touch on next.
Risks of Public and Free WiFi Connections
Public WiFi exposes devices and personal data to specialized hacking attacks. Unfortunately, these attacks can be difficult to detect if you’re not aware of the warning signs.
There are several key vectors of attack that hackers use to exploit free WiFi. Below are some of the most common attacks that hackers use when exploiting public WiFi networks.
Unencrypted Network Traffic
Secure networks either at your home or office will almost always have advanced encryption enabled. Encryption in a WiFi scenario means that the data moving between your device and the router is encrypted using various methods that range from basic methods to more advanced ones. This means that anyone intercepting that data will have to decrypt it to find any use for it.
Most hackers are looking for easy targets. So even basic encryption is enough to force hackers to move on to another target. The only reason a hacker would bother trying to break strong encryption was if they knew their specific target had some juicy information they wanted.
But most hackers on free WiFi are essentially just fishing for information until something they feel is useful pops up. This can mean credit card info or personal information to help them commit identity theft or fraud.
With free WiFi, it’s very possible that encryption was never enabled and it’s difficult for many users to even know if their signal is encrypted or not. Because of this, you should never send or open sensitive data over a public or free WiFi system. You should always assume your data is free for anyone to read when on free WiFi.
Fake Or Malicious WiFi
One of the more dangerous risks when trusting free WiFi is that you may end up connecting directly to a hacker’s network access point instead of that of the network you want to connect to.
A hacker can easily use a device to create a strong WiFi signal. This signal can overpower the other local signals and seem more appealing. They may also give it a similar name to networks in the area, such as the name of the coffee shop or place of business.
When connecting to a haker’s fake WiFi, you are exposing your personal information. They now have all access to the data you send or receive without any restrictions. Not only that, they can now move on to other forms of attacks on your system and even plant software.
Always check the name of the public WiFi networks you are connecting to or, as a business owner, providing your customers, and check the other names that pop up. Make sure there are no duplicates or similar-sounding ones. This can be a clue that one is a fake.
A simple security step that can help avoid this threats with using free WiFi, is displaying the correct WiFi Network name for your patrons.
Malware
Although more difficult, hackers can install malware to user devices through free public WiFi. This is a slightly more sophisticated attack and will require extra steps. But it also gives hackers virtually unlimited control of user devices even after leaving the free WiFi hotspot.
Malware can also be hard to detect, so a device may be compromised for some time before a user even knows it. Malware attacks require the performance of some action that unknowingly initiates the attack. For example, clicking on a fake link from a pop-up window that indicates the need for registration to use the free WiFi. The link then goes to a page where the hacker can then download malware on the users device.
Always check links before clicking on them and never download any app or software before thoroughly vetting the source.
Man-In-The-Middle (MITM) Attacks
MITM attacks are one of the more common ways that cyber criminals obtain sensitive data or login credentials. These middle attacks are similar to the previously mentioned fake WiFi hotspots. However, hackers don’t need a completely false network to pull this off, which makes them tricky to detect.
There are several ways that hackers can place themselves in the middle of your communication without you knowing.
Packet Sniffing
Data is sent between your device and the network in segments that are called packets. These packets contain the data being sent as well as information about the data, sender, and network itself.
Hackers use packet sniffers which detect these packets moving on your WiFi connection and then look for vulnerabilities. They can either spoof packets or inject false packets into the communication which can lead to your device being compromised.
SSL Stripping
SSL certificates is a type of encryption websites use to ensure secure data transmission. However, hackers can use a MITM attack to strip packets of SSL information and then gain access to the non-encrypted version. This would mean a connection to an HTTPS address is now treated as an unsecured HTTP connection.
Session Hijacking
In this type of attack, the hacker can essentially steal your current “session” while connected to various services such as social media platforms. Even though they don’t have your password, by hijacking your current session, they now have access to your account as if they were logged in.
To avoid MITM attacks, you can use the following tips:
Only connect to the legitimate version of a website or network. This may seem obvious, but as we work and are busy, it’s easy to click on a link that looks like the legitimate address but it has one letter changed. This happens all the time and the user is now immediately compromised.
Strange pop-ups are also something to be aware of when on an unsecured network. Any pop-up that states there is an issue with your system or that you need to log in to something should be taken with extreme caution. Always confirm these are legitimate pop-ups before following their instructions or entering any information. If in doubt, close them, close the connection, and restart your device.
How To Protect Data Even When Offering Free WiFi At Your Business
All of these methods of attack may make you want to never use free WiFi ever again. But free WiFi can be a useful tool as long as you follow basic security measures.
If you’re a merchant or business owner, you may offer free WiFi to your customers. This is a great service and can help you attract and keep more paying customers in your store. However, there are risks involved.
You can continue to offer free WiFi but make sure to take a few precautions as well.
Use Encryption If Possible
Make sure your router has encryption enabled. If possible, use WAP 3 or at the minimum WAP 2. Anything below these is not adequate, such as WEP or TKIP. You can change these settings by directly accessing your router via a network cable and accessing the admin control panel.
Segment Your Free WiFi From Your Business Network
Don’t share the same network that contains the free WiFi and your internal business network. These need to be totally separate and even air-gapped if possible. By sharing these resources you are essentially rolling out the red carpet for hackers.
Also, if you’re a merchant processing credit cards, none of your POS devices or terminals can be connected via public WiFi. This is a huge security risk and will likely put you out of compliance with PCI guidelines and your processing agreement.
So always keep these systems separate if offering free WiFi to your customers. You can also post information about WiFi safety and security, such as the WiFi name, to help customers protect themselves as well.
Use A VPN
A virtual private network (VPN) allows you to connect securely to your own network even if using free WiFi. While this doesn’t offer total security, it adds a huge layer of safety, and often a hacker will simply ignore encrypted data unless they are specifically targeting you.
VPN services are often inexpensive and they have services that can be added to a variety of devices. If you use free WiFi on a regular basis or work remotely, consider a VPN for an added layer of security.
Always Check Website Addresses
Always check the website you are visiting before logging in or sharing data. This means carefully reading the address to make sure it is not fake or spoofed.
Also, check that all websites you connect with have the prefix “HTTPS” and not just HTTP. HTTPS means the connection is secure. Some browsers will show a padlock or other icon when connected to a valid HTTPS address.
Finally, always check your links. Never click on a link unless you know the source and that the link is secure. Even friends and coworkers can mistakenly send malicious links without knowing.
Turn Off Automatic Connections
Ensure your devices do not automatically connect to public WiFi networks. Many people have this feature enabled to make their communications easier, but it’s a huge security risk.
Turn this feature off and manually connect to networks only after having confirmed they are legitimate and secure.
Don’t Send Or Receive Sensitive Information
Recent studies also found that 20% of free WiFi users will make financial transactions while on the public network and 39% will access some sort of sensitive data. Be warned however, if you’re on free WiFi, this isn’t the time to access your bank account or trading account.
Even if using the tips above, it’s still far too risky to access highly sensitive sites using free WiFi. Wait until you’re home or use a secured connection. If a hacker gains access to your financials you are sure to be dealing with unauthorized transactions, becoming a victim of credit card fraud.
You should also avoid shopping or submitting your credit card information while connected to free WiFi hotspots or a public network.
Disable File Sharing
Make sure to disable file sharing on your devices that connect to free WiFi. When file sharing is enabled, the dangers of using public WiFi can be greater if your connection or device is compromised. A small vulnerability can suddenly become a big security issue if you have file sharing enabled and are compromised.
Use Antivirus And Anti-Malware Software
Always use up-to-date antivirus and antimalware software. This is critical to ensuring your device is protected. It’s also important that these are up to date and the license is current.
When using these programs, turn on automatic updates so they will update whenever new versions are available. Also, turn on real-time protection. If your device performance drops when using real-time protection, at least use it when connected to free WiFi.
Use Multi-factor Authentication
Although this won’t prevent certain risks from public WiFi, it will protect you if your passwords are ever compromised due to using free WiFi.
Multi-Factor Authentication (MFA) or 2-Factor Authentication (2FA) adds an additional authentication layer beyond just a password.
For example, using a 2FA app like Authy creates a one-time code when logging in to specific websites. You need both your password and this one-time code to log in successfully. Even if a hacker has your password, they cannot get into the site if they don’t have the additional 2-factor code.
Consider using MFA or 2FA for sensitive websites you access. This includes banking, business sites, and other sites where a security breach will be extremely harmful.
Don’t Use Outdated Software
Outdated software is one of the biggest risks when it comes to security. Outdated software is no longer updated or supported. This means that any security flaw found in the software is left open forever. Hackers learn of the vulnerability and then begin to seek out this version of the software as an easy attack.
This includes web browsers, operating systems, and most other types of software that connect to the internet.
Consider turning on automatic updates for all of these tools to ensure you are always up to date. If a piece of software is no longer being updated, you should find an alternative.
More Help With Security And Free WiFi
Using public WiFi can make our busy lives much easier. We can connect and keep working wherever we happen to be. But it does have risks associated with it that need to be taken seriously.
By following the advice in this article, you can easily mitigate a majority of the risks that come with using free WiFi while still enjoying virtually all of the benefits. These tips will help you and your customers stay safe on public Wifi.
If you’re a business or merchant that offers free WiFi and are concerned about security, contact ECS Payments. We are a leading payment processor and can help merchants leverage the latest payment solutions and security features to grow their businesses.
Contact ECS Payments to learn more about our merchant services and processing solutions.
