More
    HomeSecurityMalwareThe cost of using free Wi-Fi 

    The cost of using free Wi-Fi 

    Published on

    We don’t necessarily find ourselves short of cellular data due to over-usage. Being abroad, using a new device, and being in a geography with no cellular data are all situations that occur now and then, leaving us with no option but relying on a public Wi-Fi connection. 

    The most tempting element of these connections is that they can be used for free, making you save on money, not just effort, to get data that might be indispensable in some situations.

    However, the security of public networks re several, as you are in the same network with tenths or hundreds of people; more and foremost, you don’t know who set up the network and how it’s being managed.

    Is it worth it to put yourself at risk? How grave are the dangers, and what could be the alternatives? 

    In this article, the answers.

    The risk of using public wifi

    Besides the risk correlated to any Wi-Fi network security, there are some security concerns specifically related to the usage of public Wi-Fi.

    1. Man-in-the-Middle Attacks: Unless you can verify that the connection on the Public Wi-Fi is encrypted, you should not assume it. Often public Wi-Fi networks do not encrypt the data transmitted between the device and the network, allowing malicious actors to intercept or eavesdrop on your online activity. It must be noted, though, that today, most websites and apps (such as HTTPS websites and WhatsApp) encrypt communications on their own, reducing the information put at risk by default. Still, not all your apps follow the same security standard, and if you are connecting from a laptop, the same issue applies to desktop programs. 
    2. Malware Infection: Some malicious software, such as Emotet, spreads on the same network in a “worm-like” approach. In a public network, where tenths or hundreds of devices are connected together, it would be sufficient to have one infected to put all the others at risk. 
    3. Rogue Wi-Fi Networks: A rogue network is a network created with the purpose of luring people into connecting and surfing the internet or transferring data, into capturing the data transmitted during the connection. Setting up a rogue Network is a relatively easy task, as many devices and software would allow malicious actors to set up a legitimate enough access point to lure anyone needing data connection. You have no way of knowing whether you are connecting to a legitimate network except common sense indicators. Still, some advanced users could be able to reproduce an access point identical to a legitimate one in proximity.

    All risks are linked to the trustworthiness and population crowding the public network you are linked to. However, there are ways to mitigate these risks and even assess how much you should be concerned about them.

    Was your identity stolen

    The remediations and alternatives

    Assuming you have no better option and your cellular connection is not available, there are some ways you can still make use of public Wi-Fi with limited risks.

    Using a Virtual Private Network (VPN) allows you to secure all the information in traffic between you and the destination. This would reduce exposure to Man-in-the-Middle Attacks as well as the risk of compromising your information on a Rogue Network. 

    VPN encrypt information between you and your VPN provider, who then securely connects you with your target destination, preventing anyone who might intercept the traffic from acquiring valuable information about your network activity.

    This mitigation, however, does not offer considerable remediation against possible Malware infections. In order to mitigate these risks, you could rely on AntiVirus Software, which would protect you against the more common menaces.

    Other configurations to always adopt when on public Wi-Fi, and that would not require additional software, are the following:

    1. Turn off file sharing and automatic connectivity. Be sure only intended connections are established and only intended information is shared between your device and other devices on the network.
    2. Access only websites with HTTPS connection. You can verify that by checking the “lock” icon on the left of any browser’s address bar. Avoid as much as possible any connection not secured by default.
    3. Keep your device and apps updated. Be sure to have a device that is not prone to the most common malicious software. 
    4. Do not access particularly sensitive information. If you are using a company laptop, you might already be obligated not to connect to any public Wi-Fi, but if you are connecting for any reason, avoid accessing Smart Banking web pages or sharing confidential information.

    If you are reading this article, you might be curious to know which alternatives are then more secure to public Wi-Fi in case you need to absolutely access sensitive information when you are in an untrusted environment. You might consider other options. Here a few suggestions on alternatives that, despite requiring a bit of pre-planning, offer a valid and safer alternative to public Wi-Fi:

    1. Prefer wired access to wireless access. Sometimes public connections offer wired access besides Wi-Fi. This prevents you from being exposed Wi-Fi based attacks.
    2. Carry an emergency mobile broadband device that you can use to make your own emergency hotspot.
    3. Look for Private Hotspot relays. Some cable companies and ISP built their own hotspot relay network in public spaces that clients can use for a price. Check whether your ISP or service provider offers such services.

    If you are not travelling alone, asking a friend to offer a hotspot can be a valid alternative as well, as long as the hotspot is not created with a weak password (easy to guess) and the device you are connecting to follows the aforementioned best practices.

    Was your identity stolen2

    Conclusions

    While public Wi-Fi can be a convenient way to access data in unforeseen situations, they present a severe risk to your information security. If you are able to pre-plan, you should find better ways to avoid using them, but, in the opposite scenario, there are a few key actions to take in order to use them with minimized risks: double attention on the active device sharing options, choose encrypted by default connections, ensure that your device is secure and reduce the information transmission. If you have the opportunity, make use of VPN and AntiVirus software while the connection is active.

    What is a Public Wi-Fi?

    Public Wi-Fi is a term that refers to networks situated in a public space (airport, coffee shop, restaurant, public office, etc.), to which anyone could access due to the fact that the password is either easily shared or not required at all.

    What are the most common risks of using a public Wi-Fi?

    Public Wi-Fi networks expose users to many risks, particularly: Man-in-the-middle attacks, Malware Infections and Rogue Networks.

    What are the best tools to protect myself over public Wi-Fi?

    Use VPN and Antivirus software, use updated devices and apps and be sure that your connection and sharing settings are always set to the minimum required. Check also that pages you connect to enforce HTTPS and do not share or work with sensitive information unless strictly necessary.

    What are the more secure alternatives to public Wi-Fi?

    Assuming you cannot use your connection, you should prepare yourself and either carry a mobile broadband device or check for your ISP’s Private hotspot relay coverage (if any is offered). You can also rely on a friend’s hotspot, provided that if follows best practice, and in case none of the above alternatives is available, you can check whether the public network you are connecting to offers a wired connection to at least minimise the risks.

    Latest articles

    spot_img

    More articles

    MFA at risk – How new attacks are targeting the second layer of authentication 

    Multi-factor Authentication (MFA) has remained one of the most consistent security best practices for...

    The ChatGPT Breach and What It Means for Companies 

    ChatGPT, the popular AI-driven chat tool, is now the most popular app of all...

    Prompt Injections – A New Threat to Large Language Models

    Large Language Models (LLMs) have increased in popularity since late 2022 when ChatGPT appeared...