Free public Wi-Fi networks may seem like an easy and convenient way to access the internet while on the go, but the risks involved with using them can seriously outweigh any convenience or ease. Don’t believe us? Read on.
Risks Associated with Public Wi-Fi Hotspots
The fact is that using public Wi-Fi networks can easily expose your private and confidential data – particularly if you are checking your email accounts, accessing sensitive websites, or online shopping. In the latter case, hackers could hijack your financial information and potentially use that info to make fraudulent purchases or wire transfers. Over 89% of cyber attacks are motivated by financial or espionage reasons, according to Verizon’s Data Breach Investigation Report — and you don’t want to end up a victim of either motive. It can go beyond your financial institutions, too. If you’re logged into a public Wi-Fi hotspot on your mobile device, your private pictures, videos and other information might even be at risk, according to security consultant Luke Bencie, via the Harvard Business Review.
Even if you make a habit of avoiding public Wi-Fi, studies show that the vast majority of Americans don’t. According to Private Wi-Fi, three-quarters of people surveyed admitted to browsing sensitive websites — like their email accounts — while on public Wi-Fi networks. One experiment, conducted by IT security firm Avast, demonstrated how susceptible we can be to the allure of free Wi-Fi. The security firm set up fake Wi-Fi hotspots at the Republican National Convention with names ranging from “I VOTE TRUMP! FREE INTERNET” to more legitimate-sounding monikers like “ATTWifi at GOP.” According to Avast, 1,200 people logged into those fake hotspots — and 68.3 percent of them went on to conduct online activities that compromised their identities and data, Avast stated in their report.
This is despite the fact that people are warier of public Wi-Fi networks than they are of public toilet seats, according to a recent ZDNet poll. And people are leery of public Wi-Fi for good reason: over half the adults in the United States have had their personal or sensitive data exposed to hackers, Bencie wrote. That’s a frightening number, but it makes sense when you consider how time-strapped and convenience-seeking modern society can be. According to a 2016 study by cybersecurity firm Symantec, over 87 percent of those surveyed admitted to using readily available public hotspots. And more than 60 percent of them think their information is safe, according to CNBC.
It gets worse: the fact is that security measures such as firewalls and antivirus software are useless against these kinds of public Wi-Fi-based attacks. On top of that, these attacks don’t require any sophisticated hacking tools or spy-level software — most of the methods are easy and widespread. There are a variety of simple methods hackers can use to intercept and spy on your data. And worryingly, there are a plethora of easily accessible online video tutorials on the subject — and some of them have millions of views, according to Bencie.
Other Types of Attacks
One of the most commonly used techniques is called a “Man in the Middle” attack, according to HBR. This method involves tricking a user’s device into thinking that a hacker’s machine is the access point for a Wi-Fi network. By connecting to this compromised network, it allows an attacker to intercept basically all traffic originating from a user’s machine. Another avenue of attack, aptly dubbed the “Evil Twin” method, involves setting up a duplicate Wi-Fi network in a public area such as a hotel. An attacker will ensure that their fraudulent Wi-Fi network — which likely shares a name with an authentic network — has a stronger signal than the legitimate one, tricking a user into logging into it.
These attacks aren’t just limited to individual hackers, either. Kaspersky Lab unearthed an extremely sophisticated hacking campaign in 2014 called “Dark Hotel.” Before it was discovered, Dark Hotel had operated for at least seven years, and security experts believe it was a spying venture created for economic espionage purposes created by an unknown government. The campaign targeted CEOs, intelligence agencies, executives and other high-value players while they were traveling in Asia. When these targets logged into their hotel’s Wi-Fi networks, the attackers infected their machines — installing malware that remained dormant, but could be reactivated at any time to remotely gather information.
Are Mac Users Safe?
The risk of attackers installing malware is present even if you’re using a Mac-based computer to connect to a public Wi-Fi network. While Mac users have long believed that they are safe from viruses and trojans normally, this is increasingly becoming less true. In the past, most hackers would concentrate their efforts on Windows users, but there’s been an increasing number of Mac-native malware spotted in the wild by security researchers. Some are ported from Windows variants, while others seem to be tailor-made by government actors to attack Mac machines.
How to Keep Your Data Private
So while not every public Wi-Fi network might be compromised, it’s undoubtedly smarter to play it safe and use such networks sparingly, if at all. There are, of course, times where you’ll have no other option than to log in to a public hotspot — and in those cases, it’s important to take the necessary precautions. Luckily, if you have no other choice, there are a few different methods you can use to help protect yourself and your data, via Bencie’s report.
Don’t ever shop online or browse sites with sensitive data over a public Wi-Fi network.
Turn on two-factor authentication whenever you can. That way, even if your login credentials are stolen, attackers won’t be able to access your account.
Use a Virtual Private Network (VPN). This encrypts your device’s communications, foiling most attempts at spying on your data. This is an efficient and economical way of ensuring your data is protected — and there are a wealth of options available as far as virtual private networks go. To give you a head start, here are the top three VPNs that we personally recommend.