Cyber Security: Public Networks & Wi-Fi Security
Cyber Security: Public Networks & Wi-Fi Security
Public Wi-Fi is widely available, but it can also come with security risks. With so many people relying on public Wi-Fi networks to stay connected on the go, it’s important to understand the dangers and take precautions to protect your personal information. Studies have found that 43% of people have had their information compromised while using public Wi-Fi. We’ll dive into the risks of using public Wi-Fi, where people are using it and what you can do to keep your information secure.
Public, Free, Open Wi-Fi networks are akin to Unsecued Networks. Even though a password-protected guest Wi-Fi network offers more security than an open network, it’s still considered an open network if the password is publicly available. This means that any device within range can connect and use the internet.
In the image below, we see Secured and Unsecured Networks.
Some Key Statistics:
43% of people have had their information compromised while using public Wi-Fi
The majority (35%) of people access public Wi-Fi 3-4 times a month
23% of people use public Wi-Fi to cut down on cellular data usage
20% use public Wi-Fi to make financial transactions
The majority of people have had their information compromised on airport or restaurant public Wi-Fi
Airport Wi-Fi Networks, Paid In-Flight Services, and Hotel Wi-Fi's
It’s interesting to note the heavy use of public Wi-Fi in the airport, which can be a vulnerable time for travelers who may be accessing sensitive information, such as flight itineraries or passport numbers.
Not only are airport Wi-Fi networks risky, but so are paid services on airplanes, such as Boingo Wireless. People often don’t “Forget” saved wireless connections on their computers or phones. This can open them up to attacks (see below).
Even hotel Wi-Fi networks can be risky. The lobby is usually an unsecured public Wi-Fi, most people believe that since they are in the hotel, they are secure. Most hotels today offer secured Wi-Fi for your room. Typically the password is your room number and last name; which could be guessed by someone else in the same hotel.
How to protect yourself
The best way to protect yourself when using public Wi-Fi is by ensuring it’s a secured network with encryption technology. Make sure you use a strong password on your devices and consider using a virtual private network (VPN) that uses Full Tunneling, when you’re connected to public Wi-Fi.
A VPN using Full Tunneling encrypts all the data sent between your device and the router, making it harder for hackers to access your data. You should also avoid visiting sites that require you to enter personal information such as passwords or credit card numbers.
Note: This is referencing a personal VPN. Barracuda VPN uses split tunneling and will not protect you for general internet usage. It only creates a tunnel to the Method network resources.
Cheat Sheet
Here is a cheat sheet for you to reference:
How to Forget a Wi-Fi Network
If you don’t want your device to automatically rejoin a network, or you want it to join with a different password, you can make your device forget that network and its password.
How to Forget a in Windows
How to Forget on Android
- Open Settings.
- Tap Connections or Network & Internet.
- Tap Wi-Fi or Internet.
- Navigate to the Settings menu of the network you want to forget.
- Tap Forget.
How to Forget on iPhone or iPad
Forget a network on iPhone or iPad
To forget the network that you’re currently using:
How to Forget a network on Mac
Is you Wi-Fi secure?
This is the question you need to ask yourself if you’re experiencing any of the following:
- Extremely slow Wi-Fi
- A surge in phishing emails or fake antivirus messages
- Unknown devices connecting to your router
- Unauthorized software installations
- An unexpected Wi-Fi password change
- Your router suddenly requiring a password
Unfortunately, any of these signs may indicate that your Wi-Fi network has been hacked. Below is a list of common Wi-Fi attacks.
Common Wi-Fi Attacks
Password Attacks
One of the most common ways cybercriminals gain access to WiFi networks is through password attacks. They can do this by guessing or cracking the password. To prevent this type of attack, it is crucial to create a strong password that includes a combination of upper and lower case letters, numbers, and symbols. Avoid using common words, personal information, and predictable patterns.
Cracking attack (a form of Password Attack)
This Wi-Fi attack, which is launched using either simplistic (brute force) or complex methods, exploits the security weaknesses of a wireless network to infiltrate it. Such vulnerabilities are commonly caused by poor configuration or weak or flawed security protocols.
Man-in-the-Middle Attacks
A man-in-the-middle attack occurs when a hacker intercepts communication between two devices on a network. They can then steal sensitive information or inject malware into the network. To prevent this type of attack, always use a virtual private network (VPN) when connecting to public WiFi networks. Also, avoid accessing sensitive information such as bank accounts and credit cards when using public WiFi.
Evil Twin Attack (a form of Man-in-the-Middle)
In this type of Wi-Fi attack, cybercriminals set up their own system that impersonates a legitimate WAP. However, they use a stronger broadcast signal than the legitimate one to dupe unsuspecting users into connecting to their system.
Once a user is connected to the fake system, the cybercriminal can easily read any data (e.g., credit card numbers, login credentials, personal information) that the user sends over the internet.
Rogue Access Points
Rogue access points are unauthorized WiFi devices that hackers set up to gain access to a network. They can be difficult to detect as they appear to be legitimate access points. To prevent this type of attack, regularly scan your network for unauthorized devices. Also, ensure that your WiFi router is password-protected and that you regularly update its firmware.
Piggybacking (a form of Rogue Access Point Attack)
Most wireless routers and wireless access points (WAPs) have a broadcast range of 150–300 feet indoors and as far as 1,000 feet outdoors. Any user within this range can connect to an unsecured Wi-Fi network. More savvy users can even drive around neighborhoods with a computer and a powerful antenna in search of unsecured wireless networks. This is a type of piggybacking called wardriving.
The problem is that when unauthorized people piggyback on your internet connection, they can use it to conduct illegal activities, monitor and capture your web traffic, or steal your personal files.
Eavesdropping aka Wireless Sniffing
Eavesdropping is when a hacker listens in on the communication between two devices on a WiFi network, allowing them to steal sensitive information, such as passwords and credit card numbers. To prevent this type of attack, ensure that your WiFi network is encrypted using the latest protocols, such as WPA3, and avoid using outdated ones such as WEP.
Denial-of-Service Attacks
A denial-of-service (DoS) attack is when a hacker floods a network with traffic, making it inaccessible to users. To prevent this type of attack, use a firewall to block traffic from suspicious IP addresses. Also, limit the number of devices that can connect to your network.
Related Articles
VPN: Troubleshooting Barracuda VPN Client
VPN: Troubleshooting Barracuda VPN Client Here are some troubleshooting steps to take if the VPN isn't connecting. Credentials: Your username should be your first initial last name. The password will be your computer password (not email). Your ...VPN: Understanding Virtual Private Networks (VPN)
VPN: Understanding Virtual Private Networks (VPN) VPN or Virtual Private Network - What is it? What does it do? Understanding Virtual Private Networks is key to safeguarding your information. VPN stands for Virtual Private Network. It's a service ...Cyber Security: Data Brokers – What Is Your Data Worth?
Cyber Security: Data Brokers – What Is Your Data Worth? A data broker (also known as an information product company) is an organization that makes money by collecting your personal information, analyzing it, and licensing it out to be used by other ...Cyber Security: Phishing Attacks
Cyber Security: Phishing Attacks What Is Phishing? Phishing is a fraud technique where a malicious actor sends messages impersonating a legitimate individual or organization, usually via email or other messaging system. Many cyber attackers ...Cyber Security: 5 things everyone should do to outsmart online criminals
Cyber Security: 5 things everyone should do to outsmart online criminals 1. Always be suspicious If you receive a video, phone call, voicemail, email, or direct message, try to confirm independently with the sender that it's real. If you don't ...