Thursday, May 31, 2018

The Security Risks Presented when Using Public WiFi

Connecting computers and laptops to WiFi provides the ability to browse the internet. Connecting smart phones to WiFi allows them to browse the internet without the data being transferred counting against a data plan. Additionally, local WiFi can often provide faster transfer rates than using a smartphone's built-in cellular connection because of the close proximity.

Taking advantage of the many benefits provided by utilizing WiFi seems like a win-win! Unfortunately, there is a big difference between using secure WiFi at your home or office and connecting to public WiFi.

The Security Risks Presented when Using Public WiFi

Connecting to your wireless network at home should not provide security risks when the network is secured with a unique password that is changed at least 1-2 times per year. When your wireless router supports it, create two wireless networks and implement them like this:
  • Use one to connect computers, laptops, shared storage devices, and printers. 
  • Use the other to connect smart phones and all IoT items like fans and thermostats, streaming devices like Roku and Chromecast, and for guest devices.

Using two wireless networks allows you to separate traffic into two main groups: trusted devices with security software installed, and less secure applications and devices you might not know the status of or be able to control - as in guest devices.

Public WiFi is often provided by hotels, coffee shops and conference centers as a service to guests. While this is done with good intentions, public WiFi is only as safe as those users on it. Would you walk into a public place, and without knowing anyone else there, leave your wallet or purse on a table while using a restroom far from where you could see your valuables? Of course not! The reason being because those around you are strangers you do not know well enough to trust. 

Accessing public WiFi networks works in much the same manner. Your device connects to the same network as everyone within a specific range - the same people you would not trust with your valuables. However, because it is harder to "see" a cyber crime, certainly harder than witnessing someone's purse get stolen, we often are less apt to protect our electronic devices.

A very common type of attack is what is known as a man-in-the-middle attack, or MITM. The reason MITM attacks are popular is because while your data is being captured by a hacker, it is still passed on to its original destination and back to your device. This means you likely will have no idea your information has been compromised and will continue using your device normally, potentially giving away additional credentials or private information.

There are multiple types of MITM attacks. Some spoof ARP or DNS, which are communication protocols used between devices on the same network. Other attacks use SSID spoofing. This type of attack requires bringing a secondary device, which can be small enough to easily hide in a backpack. The secondary device connects to the public WiFi then broadcasts and tricks client devices into connecting to it instead of the intended wireless network.

MITM attacks can be done quietly, without your knowledge, and are difficult to detect because your device continues to operate "normally". While there are hardware devices that can help combat these types of attacks, there is no way to know the public network you have connected to supports them or has enabled those features. Some people utilize Virtual Private Network, or VPN, services to protect themselves. Keep in mind, if the VPN is a public service, your data is still traveling across an unknown set of systems owned by strangers.

The best possible protection you can implement is turning your smartphone into a wireless hotspot and connecting to it to access the internet. One smartphone can connect multiple devices, though speed can be an issue with multiple connections. If you are unsure how to turn your smartphone into a wireless hotspot, visit our post for instructions at NOTE: Keep in mind attaching devices to your smartphone means you are transferring data that will count towards your existing cellular data plan. Be sure you have plenty of data available when using a phone as a hotspot so you do not go over your data plan allotment.

Wireless networks provide access to the internet for computers and allow smartphones to transfer data without the data going against the data plan. Unfortunately, public WiFi presents security risks that should be avoided whenever possible. Obviously the level of protection desired is unique to each person. However, keep in mind it is easy to hop online for a thing or two that leads to email and social media and much more, each of which potentially pass credentials. Utilizing a smartphone as a wireless hotspot provides greater protection and is easy to implement.

As always, there is more than one way to protect yourself, knowing how - especially when it is simple and may not cost anything - is key!

Enjoy this post? Subscribe to our Blog

No comments:

Post a Comment