By Katherine Barnett, Digital Rights & Cybersecurity Researcher, Top10VPN.com
Having an internet connection is a necessary part of both our personal and working lives. As well as keeping us connected with news and social media, businesses need their staff to be able to connect to WiFi to work and access networks remotely. This has seen the rise of free, public WiFi networks to cater to these demands.
However, with increased access to WiFi comes increased risk. Free public WiFi, in particular, provides plenty of opportunities for malicious individuals to access and steal your data. With an estimated 81% of individuals connecting to public WiFi networks, it’s important to be educated on the risks. Using a VPN and taking other precautionary measures can ensure you remain safe when connecting to public WiFi is a necessity.
The Risks
Unfortunately, all unsecured public WiFi networks are unsafe. The very thing that makes them convenient – their easy accessibility and no-cost – is what makes them an easy target for those looking to steal personal information or distribute malware.
There are a variety of ways public WiFi can put an individual’s security at risk. The most common of these are:
- WiFi ‘honeypot’ networks. These are networks that appear to be owned by a legitimate establishment i.e. Starbucks WiFi when in reality they’ve been set-up by an ill-intentioned individual. By connecting to these fake public WiFi networks, users not only hand over their IP address and device information but any other sensitive information they have shared over the network. Fake WiFi networks such as this can also be used by criminals to redirect a users traffic to unsafe sites that mimic popular websites. Individuals can then be manipulated into passing over the information they would usually enter into the trusted version of the site.
- Man-in-the-Middle attacks. These types of attacks are when an individual intercepts and manipulates the connection between a user’s device and the site they’re attempting to reach. This enables them to not just read data packets and personal data, but inject content or redirect traffic to an untrustworthy site.
- Distribution of malware over unsecured WiFi. Attackers can use the MiM method to exploit software vulnerabilities in your device and infect it with malware. Unsecured networks facilitate this sort of attack.Connection points can also be hacked to display a pop-up window when a user attempts to connect, offering a software update which, if clicked, downloads malware onto their device.
- Snooping & sniffing. Special tools and pieces of software allow attackers to eavesdrop on WiFi signals, giving them visibility on sites a user has visited. Any login credentials or other information passed over to a non-HTTPS site by the user then become visible to the eavesdropper.For instance, relatively simple Linux software can help a criminal intercept and view packets of data traveling between your device and the router.
- Peer-to-Peer attacks. If a users device is set-up to automatically discover new networks it is possible for hackers to connect directly to them. Once connected, attackers can then infect a device with malware.This can also be done via file sharing if a user has this setting turned on.
- Address Resolution Protocol (ARP) Spoofing. ARP is the method used by all devices to discover the unique identifying code of each device connected to a network. The unique code given to each device ensures that packets of data can travel from the router to the correct destination.Unfortunately, ARP can be tampered with. This means that your device can be tricked into believing another router possesses the identity code of the public WiFi router you’re trying to connect to. Your device will then send data to the copycat router instead of the legitimate public WiFi router, allowing whoever set it up to manipulate your traffic and view unencrypted data.
All of these attacks put personal data and security at risk. For those handling sensitive information, the results could be catastrophic. Worryingly, attacks via WiFi take, on average, less than two minutes, meaning users would not need to be connected long to fall victim to foul play.
The fact that these attacks can be executed quickly using inexpensive tools and software such as Linux demonstrates the need to always ensure you’re adequately protected before connecting to a public WiFi network.
How can VPNs offer protection?
VPNs (Virtual Private Networks) encrypt a users connection and redirect it to a remote server, hiding their IP address and making any information they pass over the network unreadable.
When connected to public WiFi, VPNs offer substantial protection against attacks through the encryption of your data. An attacker who finds a way to eavesdrop on your connection and intercept data packets will be unable to view the information you’ve shared without committing to a time-consuming decryption process. This makes attackers more likely to disregard your unreadable, encrypted data and chose a less security-savvy individual to attack.
VPNs, therefore, provide an extra layer of security to a users network and will protect against the majority of security threats posed by public WiFi.
Other forms of protection
As well as investing in a reliable VPN, there are other necessary precautions that should be taken if connecting to public WiFi is unavoidable.
- Keep your devices up-to-date. This is crucial to resolve any software vulnerabilities that may be present in your device. Updates often include security patches and bug fixes as well as new features.
- Only ever visit sites that use HTTPS. HTTPS-enabled sites provide extra security to your connection through the SSL encryption protocol. HTTP websites, on the other hand, do not have such security, meaning that any information you enter into the site is visible to someone spying on your connection.
- Turn off auto-connect network settings and Bluetooth. This will make attackers unable to launch a malicious attack on your device by connecting to it directly.
- Invest in a robust security solution. While spending money on security software is something users often avoid, it’s highly recommended if you want to prevent your device from becoming infected with a virus, worm or another form of malware. A good piece of software will be constantly scanning your device and downloads for any issues, preventing you from installing anything suspicious.
- Avoid all unprotected networks. Though there are obviously times when it has to be done, not connecting to public WiFi at all is the best way of ensuring your data security and privacy. Carrying out important, private activities via public WiFi is definitely to be avoided.
Conclusion
While public WiFi is incredibly beneficial to those needing to work remotely, or simply browse on the move, the many ways it can be abused by cybercriminals means you should think twice before you connect.
If you do decide to connect to public WiFi, using a VPN and taking other precautions will vastly improve your security and limit the chances of you falling victim to an attack.
Nothing is ever truly free, and connecting to public WiFi without the appropriate precautions in place may just leave you paying with your data.
About the Author
Katherine Barnett (@thekatbarnett) is a researcher at leading VPN review site Top10VPN.com. Her writing focuses predominantly on global censorship, digital rights, and cybersecurity.