While more and more local coffee shops, airport terminals and hotels now offer free public Wi-Fi, security experts warn against using it. And for good reason—public Wi-Fi is unsafe and not to be trusted under any circumstances. Here are 5 reasons why:
- As a result of KRACK (short for key reinstallation attack), a massive flaw discovered in WPA2, others near you can easily access your information—even if it‘s encrypted—anytime you use a Wi-Fi network.
- When you use free Wi-Fi, there’s a risk that hackers can position themselves between you and the connection point. Which means, instead of talking directly with the hotspot, you could end up transmitting your valuable information to the hacker and not even know it.
- Hackers can also use an unsecured Wi-Fi connection to distribute malware. When file sharing is enabled across a network, they can easily plant infected software on your computer. Sophisticated cybercriminals can even hack the connection point itself—resulting in a pop-up window appearing during the connection process and offering you an upgrade to a piece of software. If you click on the window, you install the malware.
- Compromised laptops and other devices may also be connected to the local network and if you select the “home network” or “work network” option instead of the “public network” Wi-Fi option, in Windows, you could be sharing files and other sensitive data with the corrupted machines on the local network.
- The Wi-Fi hotspot itself may be malicious, either because the business’ hotspot is infected or because you’re connected to an illegitimate network designed by a cybercriminal looking to trick people like you into connecting.
There are several precautions you can take to minimize the risk:
- Avoid working with sensitive data, such as financial or health information. It’s okay to catch up on the latest sports scores, but don’t check your bank account or make an online purchase.
- Turn off file sharing and airdrop options.
- Keep your antivirus and antimalware utilities up-to-date. It’s also a smart idea to install privacy-protecting browser extensions.
- Use HTTPs. It’s not perfect security, to be sure, but at least you’ll know your connection to a given website is secure and the information sent to you is encrypted.
- If you don’t work for a company that gives you access to a VPN, invest in one on your own. And make sure it’s trustworthy.
Remember, these measures aren’t foolproof, by any means, and it’s best to avoid public Wi-Fi whenever possible.
To learn about Wi-Fi security, contact Thomas Norman, global cybersecurity technology consultant with Ingram Micro.