While public Wi-Fi is extremely convenient and lets you access the internet at public places like airports, hotels, coffee shops, etc., using such a network can open your devices to a host of risks, the biggest one being hacking. Public Wi-Fi networks make it extremely easy for hackers to hack into connected devices since there are no safety protocols in place that can block them. Because of this, hackers use such networks to launch different types of cyber attacks, which include MITM, session hijacking, packet sniffing, and more.
Common attacks
Here are the most common types of cyberattacks that occur on public networks.
- MITM attacks: MITM stands for Man-in-the-Middle and in an MITM attack, a hacker sneaks in between your device and the website you are trying to access to manipulate or steal valuable data. It is one of the most common types of attacks that occur on an unsecured Wi-Fi network.
- Evil Twin attacks or fake hotspots: As the name indicates, the fake hotspot attack takes place when a hacker sets up a fake hotspot that appears like a real one. When you connect to it, your data becomes easily accessible to the hacker, who can then use it as they like.
- Packet sniffing: While packet sniffing does not directly cause any immediate harm, it can provide hackers access to your data. In packet sniffing, hackers capture and analyze all the data that is transferred over the open Wi-Fi network. Thanks to HTTPS, such attacks are no longer as effective, but data can still be exposed on websites and services that do not rely on it.
- Session hijacking: Just like passwords, hackers can steal session cookies, which is what happens in session hijacking. They can then have access to your data without needing your details and use it as they wish. This is another type of attack that is easier on unsecured Wi-Fi networks.
- Malware injection: Malware can easily infect your device when you connect it to a public Wi-Fi network. Hackers can take advantage of device vulnerabilities to insert malware which can then be used to track your usage and steal information without your knowledge.
Keeping yourself safe on public Wi-Fi
If you do need to use a public Wi-Fi network, you can take certain steps to keep yourself safe from various threats. We have outlined them below.
1. Use a VPN
A virtual private network or VPN functions like a virtual tunnel and masks your IP address while also encrypting your data when you connect to a network. Because of this, it makes it extremely difficult for hackers to access your data. You can download and install both free and paid VPNs on your devices to keep them protected from hackers.
2. Connect to secure websites only
HTTPS or hypertext transfer protocol secure (HTTPS) is the secure version of the regular HTTP that transfers information between connected devices. When connecting to a network, check that HTTPS appears along with a padlock icon in the browser address bar. Avoid websites that do not use HTTPS since they are not secure and pose risks. You can also turn on the 'Always use HTTPS' option for websites that require you to enter credentials or those you visit frequently.
3. Turn off automatic connections
With automatic connections, your devices can easily connect to known networks in familiar places, such as your office or home. However, they can pose a risk when you connect to a public Wi-Fi network and can open your devices to threats like evil twin attacks. So check your devices and ensure that they can connect to recognized networks only and turn off automatic connections for other networks. Always verify public networks before connecting to them.
4. Avoid sensitive transactions and sharing personal information
When undertaking financial transactions, check and ensure that you are on a secure and trusted network. Avoid entering your bank details while being connected to an open, unsecured Wi-Fi network. Additionally, when using an unsecured Wi-Fi network, do not enter your personal information like your Social Security number or address on websites and apps, and avoid signing in to sensitive accounts like your email or bank account.
5. Protect yourself from malware
Keep your applications and your operating system up to date by installing the latest bug fixes and patches that can help keep them protected from malware. Rely on a robust antivirus program that is known to be capable of identifying and protecting against various threats. Keep your firewall enabled at all times, run virus scans regularly, and keep the program updated with the latest virus definitions.
6. Use two-factor authentication
Two-factor authentication or 2FA provides an additional layer of security that can help you protect your data when signing in to an account. When you enable two-factor authentication, you will get an authentication code on your phone before you can sign in to an app or website. Without the code, the website or app will not let you log in, which is why it can be very helpful in protecting you against threats on unsecured networks. You should enable two-factor authentication for all important accounts.
7. Turn off file sharing
File sharing lets you easily receive and send files from one device to another but can pose a major security risk on public networks. This is because it opens up network access to your files, which hackers can use to access sensitive information, like personal photos and financial data. Depending on the device, there can be different methods you can use to disable file sharing.
Things to know
- Using mobile data can be an alternative to public Wi-Fi networks and can help you avoid security breaches. If you use a device that can only connect to a Wi-Fi network, you can set up a Wi-Fi hotspot on your phone and connect to that.
- You should also clear your browsing history and cache from the web browser before connecting to a public network as an added security measure.
- If the Bluetooth on your device is turned on, switch it off when you need to connect to a public network. This will prevent others from connecting to it on such networks and accessing your data.
- Once you disconnect from a public network, scan your device for malware and purge all unfamiliar networks. Then restart your computer before using it.
Member discussion