Techsplained: The Dangers of Public WiFi
If you enjoyed this video we have many more on our YouTube Channel to help you improve your tech knowledge, give you advice and even “How To” videos.
Public WiFi is an almost essential part of daily life for many professionals on the go, but is Public WiFi safe to use?
Techsplained, uncomplicating technology and making it easy for you.
Do you know the potential dangers of public WiFi Networks? Maybe you are a business looking to install a secure public WiFi network to protect your staff and your customers? In this video and article we will discuss the security threats of Public WiFi and how you can protect yourself or your customers.
But we know what you may be saying right now. is Public WiFi really unsafe? Well surprisingly the answer in many cases is yes.
Whilst Public WiFi is one of the most common, and in many cases the easiest, way to stay connected on the go at your favorite café, hotel or on the train, and especially in remote locations or in buildings with poor reception. Public WiFi is also notoriously easy for potential hackers to spy on you and see a whole lot more than you would like for them to know.
But why is Public WiFi so insecure? How can potential attackers exploit Public WiFi? And how can you protect yourself whilst connected? This is what we will explore in more detail below.
How can Public WiFi be insecure?
Since Public WiFi started to become widely available in the early 2000’s, many people have become more aware of online security, viruses, phishing and data privacy. However there are still many common vulnerabilities that hackers will target. One example of this is that the majority of Public WiFi uses no password or encryption at all, instead opting for a log in page for you to sign in or sign up to use their service. However sometimes they use nothing at all. In this case, potential hackers can see all of the traffic on the network and they don’t even need any special “Hacking” skills to do it as many of these software tools are readily available on the internet free to everyone to download.
Hackers may also take advantage of sign in or sign up pages by presenting you with a fake version of these to capture your sign in information, password and more personal information.
We have a video and article all about password security if you would like to know more about securing your accounts and dark web scanning to monitor if your passwords have been leaked online. And if you want to find out more about any of the services we can offer you at any time please fill out the form on this page to speak with one of our consultants.
But what about ‘Secure’ WiFi?
Many may think that Public WiFi which uses WPA2 security encryption, which is the standard data encryption in most wifi routers, is safe… right?
On your home network, which uses WPA2, is safe because only you and your family use that network and you only share the log in details with people you know and you trust. However, on a public network where anyone who asks for the log in password can access the WiFi this is not the case. Potential Hackers who access the network before you do can spy on and capture your security encryption key to the network. This allows these people to see all of your traffic, even though theoretically your connection is secure.
However, WPA3 aims to fix this security issue by using individualized data encryption. When you connect to an open Wi-Fi network with WPA3 security, the traffic between your device and the Wi-Fi access point will be encrypted, even though you may not have entered a password. This will make public Wi-Fi networks much more secure and private. It will be almost impossible for people to snoop on your data without actually cracking that encryption. This is something that should have been solved a long time ago. However this change will rely on a few different things;
Device manufacturers will need to create firmware patches for their existing equipment and have that equipment recertified with the latest firmware. Which in many cases will be a long process that may not guarantee certification.
Device manufacturers will release new hardware which is WPA3 compliant. And then it will be the process of companies swapping their existing access points for newer WPA3 compliant devices.
Hardware Manufacturers who make Computers, Laptops, Tablets, Phones and more ensuring that their devices are also WPA 3 compliant.
Here at One2Call we only install WiFi access points which are WPA3 compliant and offer backwards compatibility to WPA & WPA2 security standards. So if you are looking to install a new WiFi network in your business, or maybe you want us to manage your WiFi Network including firmware updates, or want to offer a Public WiFi network to your customers. We have installed WiFi networks in a range of locations, including hotels, restaurants, café’s and more. If you want to speak to one of our consultants about WiFi then please fill out the form below.
How else do hackers target people?
Man in the Middle
Public WiFi is also known for being vulnerable to what is known as “Man in the Middle Attacks”. In these instances a Potential Hacker is literally sitting between you and the internet capturing all of your data as you send and receive it. The most common form of this can be seen in the form of a Fake WiFi network meant to imitate a real public WiFi network. For example, you could be at your local café who has not had WiFi before and one day you see a new WiFi Network called “The Local Café” or you may see near identical WiFi Network names such as “CoffeShopWiFi” and “CoffeeShop-WiFi”
As you can see, this would not be as easy as seeing a network called “Guy In The Corner On His Laptop WiFi” and by connecting to and using these networks it allows hackers to spy on all of your internet connectivity and capture masses of data including your cookies or potentially unsecured files on your device.
Cookies are small files stored in your web browsers cache containing a unique identifying code or information that can do many useful things. However, if used the wrong way they could also be used to compromise your privacy. Cookies are a way for websites to identify unique users, Developers can track their visits such as what pages you have visited for analytics purposes to see which pages are performing well, track shopping carts, Suggest products and pages based on your browsing history, Link web chats and more.
Cookies are even used to stop you from having to log back in to a website from the same computer every time visit, they can customise the look or experience for each user and many other things. Whilst things such as Passwords are not stored within a cookie, a unique identifier within a cookie could potentially be used to steal a logged in session if someone was to steal your cookies. If someone was to do this, in some cases they may be able access an online store, bank account, social media account and more…. depending on the security of the services you use.
Many cookies are even sent as and stored as plain text behind your browser, meaning that “Guy In The Corner On His Laptop WiFi” can steal your cookies and log in sessions. However, by using secure encrypted websites which use HTTPS can overcome this, as the data sent and received between you and the website is encrypted. Alternatively you can disable non-essential cookies entirely or opt out from non-essential cookies on the website you are visiting. As long as you do not mind missing out on some of the features that they may offer.
How can you protect yourself?
One of the first things we recommend doing is asking the staff wherever you are if they have a Customer WiFi and what the name of it is. Many places will have promotional material telling you the name of their WiFi network so that you know that you are connecting to the correct one. If they say they do not have one and you see one anyway, ask them if it is correct. If it is not then do not trust it and report it to the business staff or management.
Always try to use Web Sites that use HTTPS, the majority of websites which require any type of log on use HTTPS, and many of todays most popular websites use HTTPS to secure your connection with them. Most browsers will also now warn you when a website is not secure and is not using HTTPS.
One thing to consider is that some websites may have a secure connection, but you are not directed to it by default. In this case you can manually type in the S in the address each time to see if it works or you can download web browser extensions or Apps which will automatically ask for HTTPS for every website by default. This will then send all of your data and cookies over a secure connection to prevent people spying on your data or stealing your biscuits…. I mean cookies.
By using websites using HTTPS you can make sure you data traffic with that website is secure, even if the WiFi network is not.
VPN/Virtual Private Networks
How can you protect all of your data over public WiFi without having to worry? In recent years VPN’s have become a much more popular amongst people for a variety of reasons. Such as a way to circumvent regional restrictions on some websites such as Netflix which offer different content in different regions. However, VPN’s are designed to create a securely encrypted data tunnel over any network to a secured remote server to secure all your data and stopping prying eyes from spying on your data.
VPN’s come in both Free & Paid for services, however some VPN services, especially some free ones, do record data passed through their services. However, here at One2Call we can offer you a VPN solution and our service does not record any of your data and you can be secure in the knowledge that all of your data is safe, secure and most importantly…yours.
Anti-Virus & Endpoint Protection
Another way to protect yourself, especially if you using your laptop on Public WiFi is Anti-Virus & Endpoint Protection, by using these you can ensure that the data stored on your device will be secure and protected against malicious attacks.
If you would like to speak to us more about WiFi Network’s, VPN services, Anti-Virus, Endpoint Protection and any other IT Services please fill in the form below to speak to one of our consultants to find out more.
We’ll also be producing more content on this and other tech topics in future, so be sure to subscribe to our socials and subscribe to Techsplained and TechBytes to be the first to know about future content.
We hope you have found this information useful. Leave us a comment over on our YouTube Channel to let us know what you think or to ask a question.
Enquire about our WiFi Services
Pawel is great and very helpful!
LFP Financial Planning
Excellent speedy service! Thank you for your help.
Paul D, AJ Marshall
Can contact support quickly, & visiting engineers communicative & polite/friendly.