Seeing someone use their laptop or other Internet-connected device at a local Starbucks or coffee shop, or even doing so ourselves, is a common occurrence for most of the modern world. Connecting to their convenient, free Wi-Fi seems like a simple decision requiring little to no thought. This oversight is exactly what hackers rely on to steal your personal information and perhaps even your identity. Is public Wi-Fi safe? Well, simply put, no. However, safe isn’t a term that could necessarily be used while discussing cybersecurity. Unless your computer or phone is locked in a faraday cage, the threat of attack is always there. These risks can inhabit many different forms including “Sniffers,” “Side-Jacking,” “Evil Twin/Honeypot Attack,” “Rogue Networks” and “Man-in-the-Middle Attacks,” just to name a few. These threats can range from simplistic “Plug-and-Play” programs that anyone could download and launch, to wildly complex hacks requiring a somewhat skilled hacker to execute them. Idtheftcenter.org has great resources, in which they explain each of these threats in depth, and I encourage you to research these to become more knowledgeable of the threats to your security. However, the simplified versions of each of these threats are as follows:
I. Sniffers: Software that enables a hacker to intercept data sent from your device to web servers and vice versa. Emails, files, and web searches are vulnerable to this beginner level hack, and a web search of “software sniffers” would reveal video demonstrations on how to download and use them.
II. Side Jacking: Side Jacking is an add-on to the aforementioned software sniffer, but instead of stealing emails and files, they are taking cookies from browsers. More often than not these cookies contain account usernames and passwords, along with other sensitive information.
III. Evil Twin/Honeypot Attack: A wireless access point that looks set up legitimately, but was set up by someone with malicious intent, allowing them to screen wireless communications. This is a wireless version of the infamous phishing scam, discussed in Cybersecurity: Passwords.
IV. Rogue Networks: These networks advertise “Free Wi-Fi, ” but in reality, once you connect to it, all of your files can be accessed by anyone else on the network, including the hacker that set it up. These systems are most commonly found in airports where delayed passengers connect to them to kill time before their flight.
V. Man-In-The-Middle: Any device between you and a server with the correct malicious software can perform this attack, allowing them to access and modify data being sent to and from your device and the server.
These attacks could be devastating to your personal life, as well as, potentially allowing hackers to commit identity theft and fraud. However, you can protect yourself against these threats. The simplest thing you can do is to just not connect to public Wi-Fi when out and wait until you get home to use your device since your home Wi-Fi is much more secure. To ensure the security of your home Wi-Fi make sure your Wi-Fi is password protected with a secure password and has a WPA/WPA-2 encryption, as this will make it exponentially more secure. If you must use public Wi-Fi for any reason, there are still several things you can do to protect yourself.
I. Use a VPN (Virtual Private Network) to encrypt your Internet connection. Some free VPN’s include Tunnel Bear and PRIVATE Wi-Fi. These protect against “Sniffers,” “Man-in-the-Middle” and “Side-Jacking” attacks because they allow you to transmit your signal through many foreign countries before coming back to the server you were attempting to access. Making the hacks above much more difficult, if not impossible, to pull off. VPN’s show little to no impact on computer performance if set up correctly.
II. Do not have your device automatically connect to public Wi-Fi. Your computer does not know the difference between a legitimate or illegitimate access point, so it’s up to you to connect to a secure one. Also, verify the name of the public Wi-Fi with the shop owner, to avoid “Rogue Networks” and “Evil Twin” attacks. If you do not trust a network or cannot verify its authenticity, do not, under any circumstances, connect to it.
III. Have a firewall and Anti-Virus installed and enabled on your laptop and other devices. Many computers come with firewalls pre-installed on their operating system, they merely need to be activated and configured to suit your individual needs. A quick Google search, use of a manufacturer’s guide or using a computer discussion forum are all great ways to figure out the configuration you need. If you can’t find a useful resource for this firewall, I advise you to call technical support for the computer's manufacturer, as they will be able to assist you. I recommend “AVG Anti-virus” for both Windows and macOS operating systems as tests show it captures over 99% of current threats thrown at it while managing to stay free for its basic functionality and having little impact on performance.
Using these tips can help make your personal life more secure, which is vital considering 15 million people have their identities stolen each year.
Thumbnail Credit: The Telegraph