Between mobile data and free WiFi hotspots, we can connect to the internet pretty much anywhere, anytime – and we do! In fact, as soon as we spot a ‘Free WiFi’ sign at a café, airport, hotel, we are drawn to reaching for our phones or setting up our laptops and getting online.
Whilst businesses are shouting about their free WiFi as an attraction, it actually poses a whole host of risks to your security and privacy. But there are ways to protect yourself.
So firstly, why is using free WiFi such a terrible idea?
#1 Someone Could Be Watching
This may sound paranoid, but the truth is, if you’re browsing on unencrypted websites using a WiFi hotspot, it is shockingly easy for others connected to the same WiFi to snoop on what you are doing. In fact, it’s well known that in highly populated areas, cyber criminals setup free WiFi access points specifically for this purpose.
This may be harmless for the type of browsing you’re likely to do whilst you stop for a quick coffee, but you’d be surprised at the amount of personal data you could be leaking; usernames, password, even the contents of your emails. This is mainly because, free WiFi in a public place is often unsecured, and data is transferred in plain text – setting a password is an obstacle for customers, not to mention a chore for the staff being asked for the password by almost every customer who walks in the door.
If a free WiFi network is available without a padlock, it’s not secure and we advise you wait until you get home to check your emails; if a padlock appears by the network name, it’s secure.
#2 It’s Easy To Fake
Vast public areas or large buildings will often have several free WiFi network points with the same name and password dotted around and once you connect to one, your phone will automatically connect to the next as you drop out of range. Handy as you walk through the airport, checking your emails but also a blessing for hackers. This makes it incredibly easy for cyber criminals to set up fake WiFi points with the same name and password, just waiting for you to pass within reach and connect with your device; the hacker gets access to almost every bit of data your device holds, and you’re non-the-wiser.
#3 Network Security Is Not A Priority
In business, your IT support will (and certainly should) spend time making sure your WiFi connection is secure in addition to basic network security – monitoring traffic for unknown device connections and setting rules to prevent malware infections. Unfortunately, restaurants, hotels and shops will only ensure the very basic security is in place on a free WiFi hotspot – after all, their service isn’t free WiFi, that’s just a bonus.
This basic security is much like you probably have set up at home – WPA2 security or similar. This is adequate for a home environment but in an open environment that is likely to be a target for hackers, it just won’t cut it.
#4 See Who’s Connected
Even if you don’t fall victim to a fake network, connecting to any public network, certainly an unsecured one, will make your device visible to every other device on that network – not something you would notice if you were just innocently using the free WiFi for your own browsing but imagine what a professional hacker could do with such an open target.
As a test, if you have a Mac or iOS device, the next time you’re in a busy public place, briefly open AirDrop and see just how many devices are shown to you – while AirDrop doesn’t rely on shared networks, it’s a good way to see just how exposed our devices are in a public environment.
So how can you protect yourself?
#1 Stay Dis-connected
One of the easiest things to do is make sure that if you do use public free WiFi, keep it brief and never use it for any financial sensitive access. Also, makes sure you disconnect from the network when you’re done. Moving out of range isn’t enough; your device will remember the network and automatically reconnect without you even noticing the next time you’re in that same vicinity (or even worse, your device could connect to a fake network with the same credentials).
#2 Tether To Your Own Mobile
If you want to get some work done in the hotel lounge and your mobile data plan is plentiful, the safest way to connect to the internet is via your own mobile. Enable your device as a hotspot (password protected of course) and connect your laptop or tablet for peace-of-mind you can browse and email securely.
#3 Virtual Private Networks
A VPN is like a personal network bodyguard. A Virtual Private Network runs on your device and encrypts everything you do, so if someone is snooping on your device, they will gain no information from your data. There are many free VPNs available, but your chosen Cyber Security partner should offer a solution.
More Than IT Support – It’s IT Consultancy
Whether in business or at home, cyber awareness is essential for all of us.
At Jupiter IT, we’re committed to raising awareness of cyber crime; its motivation and its impact. We hold the prestigious Cyber Essential Plus certification; we are experts in this standard and can help you become Cyber Essential accredited too. You can read more about the benefits of being Cyber Essential certified and how we can help you get there.
And don’t forget, if you have a Jupiter IT support contract, we can provide you and your staff with free, content-rich, cyber security training that will benefit them not only in their work environment but help raise their awareness at home too – give us a call today to arrange your free training session or a free cyber audit of your systems.