Is using public WiFi safe?
Did you use your bus or train's free WiFi this morning? Have you ever logged into the network at a coffee shop or airport? It might be time for caution to safeguard your data.
We all use public WiFi networks at some point in our lives, whether to check our emails while staying at a hotel, to conserve our mobile data during a long journey or to Google that exotic-sounding dish on a restaurant's menu before inadvertently ordering snails.
However, with company-issued laptops and mobiles becoming an essential part of the modern business world, cyber security threats hitting the headlines and the requirements of new GDPR rules on the horizon, we have to ask - just how safe is public WiFi?
Common dangers and risks
Think of everything you keep on your smartphone. The average hacker has all the tools necessary to exploit software vulnerabilities and unsecured networks to steal personal information, passwords and financial data without you even noticing.
For example, 'man in the middle' attacks are one of the biggest and most prevalent dangers associated with public WiFi. In these cases, a cybercriminal is able to intercept web traffic between a device and destination, essentially eavesdropping on everything being sent and opening a door to steal data from a system.
A variation on this technique can involve a fake WiFi network being set up to impersonate a source you trust i.e. your hotel or local cafe. It can be very difficult to realise you are connected to the wrong network.
An unsecured connection also offers ample opportunity for malware to be planted on your device, compromising your privacy and that of any other network you join. This can include:
- Adware: Delivers pop-up adverts on webpages and generates advertising across the internet. Often combined with spyware.
- Spyware: Software that monitors any activity on a device by stealing login information and data harvesting.
- Trojans: Malware disguised as normal files that is usually used to take control of infected systems.
- Viruses: Malware that can copy itself and spread to numerous systems, generally through email.
Top tips to stay safe
One of the most common defences against malicious activity on public wi-fi is the use of a virtual private network (VPN) or virtual desktop connection. Most employers that handle sensitive data now require their staff to use these tools to encrypt connections on mobile devices.
The safest option, and as difficult as it may be, is to not use public WiFi at all. In general, you can't know for certain who set up the network and what security precautions they have or haven't taken, not to mention how they are logging what you do using their connection.
Realistically, there will be times when you forget or simply need to get online. In those cases, here are some steps you can take to safeguard your (and your clients') information:
- Don't connect to networks automatically.
- Be careful when enabling the NFC control (near field communication) on your phone - drive-by attacks can poach your info by simply walking past you.
- Turn off hotspot, WiFi and Bluetooth settings when not in use.
- Enable 'Always use HTTPS' options or double-check the sites you visit use an HTTPS url before logging in.
- Avoid logging in to your bank, work accounts or other sensitive pages while on public WiFi.