Is Public WiFi safe? Many questions have been asked when it comes to the safety of using public WiFi such as: Is public WiFi safe for banking? Is public WiFi safe for checking emails? Is it safe to use hotel WiFi? Is it safe to download apps using public WiFi? Tech experts often recommend not to do sensitive work or online banking while using a public WiFi network. While this is a solid piece of advice, a lot of people don’t realize the dangers associated with public WiFi networks. They believe that since operations like online banking are encrypted, it is perfectly safe and secure to transact online on open networks. However, this assumption is incorrect for a number of reasons and we are going to discuss them below.
Public WiFi networks are insecure and dangerous for a number of reasons. Their open nature often enables malicious operations such as snooping, sniffing and interception of data; man-in-the-middle attacks, malware distribution; and what’s worse, they could even lead to loss of data or money. The most worrying part is that a public network could consist of compromised machines thereby rendering the entire hotspot malicious and dangerous.
Encrypting your home WiFi network helps to protect your online activities from prying eyes. That’s why, your neighbors can’t see which sites you are browsing or apps you are using even when they are within range of your WiFi network. Your passphrase encrypts your online traffic and keeps it totally secure between your device (laptop, smartphone or tablet) and wireless router.
On the other hand, open WiFi networks available at coffee shops, malls and airports are mostly unencrypted. Very often, you don’t even have to type a passphrase to access the network. This means, your online activities become visible to others who are connected to the network. People can see which sites you are browsing, what data you are typing into online forms and even which encrypted websites you are browsing; though they won’t be able to figure out what exactly you are doing on an encrypted site or app.
There are many tools like Firesheep and Wireshark that allow people to capture and analyze data flowing through public WiFi networks. Some tools even allow hackers to hijack others’ browsing sessions and inject malicious data; leading to man-in-the-middle attacks.
While doing sensitive work on a public network, it becomes essential that you do it in an encrypted way. HTTPS Everywhere is a great browser plugin which can help you to keep your online sessions secure by redirecting them through encrypted pages. If you have to use public networks frequently, it also makes sense to invest in a reliable VPN service. When you are connected to a VPN, nobody would be able to see your online activities.
It is entirely possible that laptops or devices infected with malicious programs get connected to a public WiFi network. Sharing files or data with such devices can compromise security of your device or data. The best way to prevent such a possibility is to select “Public Network” option in Windows while connecting to the network (as opposed to selecting “Home” or “Work” WiFi options). This will not only ensure that your connection is locked and secure, it will also prevent sharing of data and files with other devices present on the network.
It is also a good idea to use a firewall and install latest security patches as soon as they become available. Hackers often exploit unpatched security loopholes which can then propagate to unpatched devices on the local network.
Choose “Public Network” while connecting to a public WiFi, use a firewall and keep your device security up-to-date.
A malicious hotspot refers to a compromised public network or a fake WiFi network set up by an attacker. As a matter of fact, you can never be sure whether you are connecting to a legitimate network or a honeypot network created to perform malicious activities while you are connecting to a public WiFi.
If you have to log into your bank’s website through a public WiFi, is it really safe? Theoretically, it should be safe since the encryption provided by the banking site/app should be able to prevent eavesdropping. However, the reality is more complicated than this simple explanation.
There are an array of attacks that can be performed against people connecting to banking sites through public WiFi networks. Tools like sslstrip can easily hijack HTTP connections and convert HTTPS redirects into look-alike HTTP links (also known as “homograph-similar” HTTPS links) in a transparent manner. This means users get connected not to the actual bank website but to a site whose domain name appears similar due to the use of special characters. This allows attackers who have set up the honeypot to intercept even secure traffic and conduct a man-in-the-middle attack.
WiFi Pineapple is an easily available device that allows attackers to set up honeypot networks. It tracks connection requests made on a public network and fools devices into connecting to a fake WiFi network especially when they are configured to connect to their favorite networks automatically. WiFi Pineapple can then help attackers to perform many different types of attacks (including man-in-the-middle attacks) against connected devices. It goes without saying that if an attacker manages to set up such a honeypot in a popular area or a financial district, a lot of people would lose their personal and banking data.
As far as possible, avoid performing sensitive operations such as banking while connected to a public WiFi. If you travel a lot and need to connect to public WiFi networks frequently, make sure to subscribe to a good VPN service. Considering the things that are at stake, it would certainly be a worthwhile investment.
Public WiFi networks are not designed with security in mind which explains why so many people become a victim of online frauds and scams while using them. So, it certainly makes sense to be cautious and not perform sensitive operations while connected to them. However, if need to connect to public WiFi frequently, we recommend investing in a highly reliable VPN service and keeping your computer security up-to-date.
[Image via: Google Images]