In the past couple of years, we have seen accessibility of public Wi-Fi networks grow in an incredible pace. These days, we can connect to the Wi-Fi of various public places such as restaurants, coffee shops, public transportation vehicles, lot of times without them requiring us to type in a password.
We are all familiar with the pros of this – but what can be the cons of using public Wi-Fi networks? How can we prevent potential leaks of data? In the following article, we offer you an overview of the threats when using public Wi-Fi networks as well as an introduction into prevention against data phishing and the preparations we can make in order to make our browsers safer.
Risks of Public Wi-Fi Networks
There are two main types of public Wi-Fi networks: those that encrypt communication between the router and the connected devices, and those that don’t. The latter can usually be recognized by the fact that it doesn’t require a password or identification from the user when connecting.
Unencrypted Wi-Fi Networks
Wi-Fi networks basically work just like a radios with one big difference: within a certain distance, we are not only able to receive data or information, but also to send those. Between our device and the access point there is a constant exchange of data, but if the connection is not encrypted, technically any device connected to the network could get hold of this data. Hence we provide easy access to our data for hackers who can see our entire data exchange with the router.
Hackers often use a technique called ‘man in the middle’ to step in the line of connection between the user and the Wi-Fi router so the user will send the data straight to the hacker. With this trick, hackers can easily get their hands on our account details, usernames, passwords, and in certain cases even our online banking information; they can also spread hostile programs on our device connected to the network.
In case of phishing, not only the hackers can use their access to our devices for malicious reasons, but also the provider of the apparent Wi-Fi network.
Encrypted Wi-Fi Network
Encrypted networks, such as WEP (Wired Equivalent Privacy) and WPA (Wi-Fi Protected Access), also can’t be considered guarantees against hackers and phishing attempts because they are comparatively easy to break, too; not to mention the even easier way of gaining sensitive information through public networks. No matter that a network is password-protected, it also becomes unsafe if there are more users connected to it.
WEP is one of the most common ways of Wi-Fi network encryption, where the authentication works only one-way; using WEP, we can never be a hundred percent sure that we connected to the right access point, and not one set up by a hacker with the same AP name as the original one. This kind of attack goes by the name of ‘Evil Twin’; in this process, the hacker creates a clone of an existing network device with copying its name and, in some cases, its password. The user only sees it as a familiar hotspot name and will connect to it without even knowing that she has been tricked. Difficult part of this method for the hacker is that he has to shut down the original router so that the duplication won’t be too apparent.
The so-called WPA2 AES protocol can protect the user from malicious attempts by hackers but unfortunately most public networks don’t run this mentioned protocol. Most networks we use at home have WPA2 by default.
Unfortunately, there is no guarantee against threats – the best solution would be to completely avoid connecting to public Wi-Fi networks. That obviously wouldn’t be too much of a realistic practice because sometimes we just simply have to connect to a public network – in those cases, we should follow the steps below to set up protection against hostile attempts.
In case we really have to use a public Wi-Fi network, we should try to only log in on websites which have a so-called Secure Sockets Layer (SSL). These websites are recognizable by the „https://” prefix in the search bar of a browser, accompanied by a small locker icon in front of it. If we log in on a website which only has a prefix of “http”, we are running the risk of hackers getting hold of our login details – this can be extremely dangerous if we are using the same or similar passwords on numerous different websites.
It makes the situation seem even worse that we can’t fully trust SSL either. In a lot of cases, only the login process happens through SSL, but after that we are still browsing on an “http” website. Our password and login details don’t immediately fall into the hands of hackers, but if they get hold of our cookies, access into our account will be easy and from there, getting our login information and closing us out of our own account even easier.
VPN services provide one of the safest solutions against hacking attempts. A VPN client encrypts the data exchange between a device and the VPN server which serves as protection for our data and our browser. Most important is to choose a trusted VPN provider because our data and information flows through the server of the VPN service provider.
Other Necessary Steps to Take