Public Wi-Fi networks can be found everywhere. From airports and restaurants to hotel rooms and libraries, you name it. Using these free Wi-Fi hotspots is very convenient. They allow you to access your online accounts for free, quickly check your e-mails or continue working on a project. However, these networks are far from perfect and make you vulnerable to potential cyber attacks.
What are the risks of public Wi-Fi networks?
The problem with public Wi-Fi is that it comes with a host of risks. While operators are convinced that having a public Wi-Fi network at their location is a good thing, chances are that the security of these networks is minimal or even non-existent. This creates a host of vulnerabilities that hackers can exploit to attack you or the network. Below we list some common attacks.
Man-in-the-middle attack
One of the most common dangers of a public Wi-Fi network is the so-called man-in-the-middle (MITM) attack. This involves a hacker trying to place himself, by exploiting various vulnerabilities, between the origin and destination of data traffic. This allows the attacker to easily "listen in" on everything you do online.
Non-encrypted networks
When you use an encrypted network, the data sent between you and the router is encrypted with a secret code. Without the key, no one can see the information you send. This option is off by default on most Wi-Fi routers. This makes it very easy for hackers to intercept your network traffic.
Spreading malware
Thanks to software vulnerabilities, there are also ways hackers can put malware on your device without you knowing. Because it is possible to communicate over a network with other devices, hackers can find out what vulnerabilities your device contains and thus inject malware on your device.
Wi-Fi snooping and sniffing
There is special software or even hardware kits that make it much easier for cybercriminals to eavesdrop on Wi-Fi traffic. Using such techniques, hackers can see everything you do online: from fully seeing the web pages you visit (and all the info you entered there) to collecting login details and even taking over your online session.
Malicious hotspots
These kinds of Wi-Fi hotspots try to trick you into thinking they are a legitimate hotspot because the name sounds recognisable. For example: you go to a burger restaurant and connect to the "McDonals" Wi-Fi network. While you think you have selected the right network, in reality you have just connected to a malicious hotspot that allows cybercriminals to intercept all your online activities.
How can you stay protected on a public Wi-Fi network?
Now that you know the dangers of public Wi-Fi networks, you are probably wondering how you can actually use such networks safely. Here are 9 tips to protect yourself from the risks of public Wi-Fi networks.
Avoid sensitive information
When using a public Wi-Fi network, it is best not to share sensitive information. Looking up the opening hours of your supermarket or consulting the weather forecast probably won't do much harm. But checking your e-mails or making payments are things best not done over public Wi-Fi networks.
Use a VPN
Using a VPN or virtual private network is a good way to minimise your risk on public Wi-Fi networks. This actually connects you to a private network over which you then send your data. This adds an extra layer of security to your connection.
Only use HTTPS websites
Websites that have an SSL certificate - URLs that start with HTTPS - also add an extra layer of security to your connection. This certificate encrypts the connection between your device and the website, making the data traffic unreadable to other devices on the network. However, your data can be read when you visit an HTTP website.
Adjust your connection settings
Best also adjust your wireless connection settings so that your device does not automatically connect to available public hotspots. You can do this by turning off the "Automatically connect" feature on your device. Your device will therefore not automatically search for and connect to known networks. Moreover, it stops your device from sending out a broadcast packet, information that can be misused by hackers.
Turn off file sharing
Turn off file sharing before connecting to a public Wi-Fi network. If you leave this on, certain folders may be available to anyone on the same network. That allows hackers to access personal information without your knowledge.
Set up multifactor authentication (MFA)
If you use a public Wi-Fi network, cybercriminals can see your passwords. One way to improve the security of your accounts is to use MFA. Even if cybercriminals were able to intercept your password, they will not be able to log into your account. After all, with MFA, they need an additional factor (e.g. a code via an authentication app or a fingerprint) to access your accounts.
Always keep your system up-to-date
Keeping your system up-to-date is crucial. Updates often include security patches that further protect your device from Wi-Fi risks. This prevents attackers from exploiting vulnerabilities in your device that are broadcast over public Wi-Fi networks.
Don't forget to log out
When you are done browsing, it is important to always log out of any service you have used. Furthermore, it is important to "forget" the public Wi-Fi network in your device's settings as soon as you no longer wish to use it.
Use eduroam whenever possible
Do you study or work in higher education or a research institution? With eduroam, students, teachers, staff and researchers can easily and securely access their own organisation's fixed and wireless network, and that of all other institutions offering eduroam. There are now over 10,000 eduroam hotspots in more than 100 countries worldwide.
With eduroam, you can be sure that your information is securely transported. This makes this service a secure alternative to public Wi-Fi networks.
Raf Gillisjans studied applied computer science in Bruges and has been a part of the security team at Belnet for almost 2 years. He evaluates new solutions to make the Belnet environment a more secure place and is also part of the security awareness team. Outside of Belnet he can be found in a radio studio, behind a camera or behind his pc playing some game.