Everyone loves WiFi, in fact we people love it so much that it has became fourth necessity among the three necessities which includes “Food”, “Clothing, “Shelter”. Well jokes apart, because of this WiFi is available everywhere, i.e, inside shopping malls, restaurants and cafes etc. These public WiFi are used on daily basis.
Recently, ITRC did public survey where three out of four people answered that they use the free public WiFi almost everyday. However, what people doesn’t realize that public free WiFi are not safe, you may argue that it does provides password to login, and its true, but, it doesn’t mean that your activities, you did on the public WiFi are are safe. Not only you love public WiFi but so do hackers so if you’re not cautious enough, it is possible that you’re virtually risking your identity, your social media account or even your money.
Note : Here is the link to download the PDF Report for the survey that ITRC did, you can read that in the detail later – Download the report.
Public WiFi – How data can be stolen?
Hackers can compromise your data with two ways, to be honest, these two ways can be applied to any possible hacking incident. Allow us to explain, Whenever a planned robbery crime occurs, we always assume that there might be possibilities that criminal can be someone from the inside. The other possibility that we consider is – The criminal is outside person who did survey and carefully planned the crime.
In-short to carry out a hack-attack one needs to be on the same network or he needs to create a fake hotspot connection, so that other people can connect to that fake hotspot. Let us get more deep into the subject to see how these two possible ways can work.
Attack from the same network
What makes public WiFi dangerous, is that its accessible to all, for hacker who is interested in gathering data from multiple users, places like public WiFi is a holy grail. When on the same network, he can execute “Man in the middle attack” where he can gather information by keeping tabs on the communication happening on a particular public WiFi. With this attack he can also get email ids, passwords and many other information.
We have explained this attack in detail when we spoke and discussed on how – HTTPS and SSL are not secured as you think they are.
However, to explain the gravity of the situation, assume that you are on a business trip in somewhere and someone is behind the specific data, He will connect to that same public WiFi that you are connected to and will keep track on your email conversation and may even spy on you by deploying some kind of spyware program.
If you have file sharing enabled he can also send you infected malware or spyware through the file sharing feature and keep track on you and your work. This is how dangerous man in the middle attack is.
Attack from Fake WiFi Hotspot
Another thing that makes public WiFi network dangerous that is – You can’t distinguish between the real and the fake network. A Hacker can set his own fake Hotspot network in order to trick users to use that particular network, with this he can get your personal information which includes your IDs and Passwords and your bank account information and much more.
So now that you are aware of how dangerous those free public WiFi network are, allow us to give you some tips to stay safe on these public network.
Tips to keep yourself well protected on these free WiFi network
Well, if you really can’t avoid the temptation or need to connect to these WiFi networks at least make sure you are safe and well protected. Because carelessness can become fatal.
1. Verify the network’s legitimacy and connect to the network which you trust
Whenever you are connected to the public WiFi in public places make sure to ask the authorities that the WiFi name is legitimate or not. As explained earlier that hacker can use fake WiFi hotspot that he created to let users connect to it. So if the authorities there can’t verify the legitimacy, avoid connecting to that network but if you really can’t avoid, then turn off the file sharing options on your device, doesn’t matter whether its laptop or phone. You should turn off the file sharing in the settings.
One thing you should remember that, you should connect to the WiFi network you only trust. For example let’s say you visit Starbucks that is near to your house almost every weekend, and, the owner there knows you very well, so at places like these you can connect to the WiFi and do whatever work you want to do but that doesn’t mean you shouldn’t stay alert and cautious.
People have tendency to connect to any free WiFi they find anywhere without even confirming whether it is safe or not and hence this careless attitude over personal digital security always turns out to be a fatal one.
2. Use a “VPN” i.e (Virtual Private Network)
A VPN also known as a Virtual private network is the most safe option to surf the web using public WiFi network. Virtual private network creates protected covering to encrypt your connection so that you can browse safely without any issues. Hence all the data that passes through this protected covering won’t be visible to hackers and they can’t get access to it.
VPN also changes your location to their own location using a proxy or their own IP address. So for example, if we are connected to network using VPN the VPN will show our location of some other country like USA or Canada even though we don’t belong to them.
VPN is beneficial in times if you can’t get rid of temptation to connect to free WiFi network. VPN are divided into two types, first is “Free VPN” and other one is “Paid VPN”.
You can choose any one of the two categories, but we don’t recommend you to opt for Free VPN Service. That’s because Free VPN are not entitled towards customer’s satisfaction a paid VPN can offer you much more service at a reasonable rate.
The most trusted VPN we can recommend you at a reasonable rate is “TunnelBear VPN“, not only it does offer a free trial but a yearly unlimited data for entire year at just $4.17/month.
Its extremely easy to use and the customer service is also good, and, it can be used on both Mobile and Desktop platforms. If you’re new to VPN or you’re going to buy it for the first time then TunnelBear VPN is the best choice, as its easy to install and easy to connect.
TunnelBear VPN has their servers up and running in more than 20 countries and offers up to five connections at the same time, which is pretty good. It has strong privacy measures and clear policies. It also performed really well in our tests. If you’re not sure then we are offering you to try this VPN service for 7 Days its a limited offer – TunnelBear VPN – Try it for 7 Free days
3. Visit only “HTTPS” enabled website
Now in our previous article we spoke on how – HTTPS and SSL are not secured as you think they are. So you might wonder why we are telling you to visit HTTPS only enabled website when on public WiFi network, even though we claim HTTPS is not secured?
Well that’s an excellent question but only if you have read the article you will know that we did mentioned – “HTTPS does encrypts your communication and the data that is transferred from one end to other end over the web.” In short any data that is submitted to the website over HTTPS connection will be safe from eavesdropping and tampering.
If the websites shows a padlock symbol before the URL that means the website uses encryption.
4. Keep the “Firewall” enabled
Turning off the firewall of your system can give hackers the access to your system easily. Firewall, is something that should be kept enabled always as a security measure even though it doesn’t guarantee complete and full-proof protection. What firewall does is that it keeps your system or device secure by acting as a basic line of defense.
The firewall actively checks for the malicious data packets that can affect your system and blocks them if detected. In Windows operating system we always disable firewall because of those annoying pop-ups and we forget them. But while using a public WiFi network it is essential to turn them on, so for Windows users – Head over to “Control panel” and search for “Firewall Settings” and turn the system firewall on. For Mac users go to “System Preferences”, then “Security & Privacy”, then “Firewall” tab and enable Firewall on Mac computers.
5. Using Antivirus & Always check “forget the network” option
Antivirus can help protect your systems by detecting malwares and spyware that gets on your system when you use public WiFi networks. Always use the latest version of antivirus program that is installed on your device. Also make sure that the antivirus is updated, if not update it. An alert will be shown by the antivirus as soon as it detects anything that is malicious and will harm your computer. Once you are done using the public network, always check “Forget network” option.
Some extra tips
Make sure you don’t do sensitive work when you are on the public network like doing some bank transaction or exchanging emails related to work. Also make sure you disable auto connect so that your device don’t connect to that public WiFi again when you visit that place next time. Always install software updates of your system to keep it up-to-date.
How to Recognize “Risky” WiFi network or Fake Hotspot?
We did mentioned earlier that hackers might create Fake hotspot to lure the users to join in but, we never discussed about how to detect such fake and risky network connections. So let’s do that now. However before we dig into it let us first recognize the most risky and vulnerable ones, that gives the sign of potential danger.
The most risky ones are the one that doesn’t require any password authentication to join. On your phone or laptop an open WiFi network can be shown without any padlock icon. Many businesses often keep their public network open because distributing password is pain.
Hence we get tempted to join such open networks but there is a huge downside to it and that is – If there’s no password, all of the traffic flowing to and from that network or hotspot is not encrypted. That means all the data and activity on that network will be easily accessible.
Essentially, the data flowing to and from your computer is being transmitted as plain text and not in an encrypted format. This is why public WiFi presents such a danger.
However that doesn’t mean that even WiFi hotspot with the passwords are secured. Even though the WiFi is secured with a password, but the router or the hardware itself is old with old security measures then even that WiFi hotspot is not secure. So can you be sure that the Starbucks outlet owner near your house that you visit every weekend uses latest version of hardware?
How to avoid the VPN Problems?
There are two potential VPN problems no matter what version of VPN you use (Free or Paid) exists and those are connection gap and connection drop, here will discuss how to avoid those problems. VPN are the best and secure way to browse on public WiFi as of now, but those aren’t complete fail-proof.
1. The Connection gap
When you first connect to a public WiFi, you need to start VPN after that. However even after your best efforts, there will be few seconds where the VPN won’t protect you even with the automatic connection the problem remains. The brief seconds it takes to connect becomes a window of opportunity for hackers to exploit your system. Firewall settings can prevent you during those brief seconds. But still if you want to avoid that issue then you first need to know why this happens.
If you have any application on your system that uses internet or WiFi to work, then it will try to connect first before the VPN connects. Even an email application will transmit your login details as soon as you connect to the public WiFi network. This is the small window of opportunity that every hacker will try to grab and every person want to avoid. So what is the solution for that?.
More than a solution its a workaround – With the Firewall, you can limit all the connectivity for applications that uses internet. Create a highly restricted zone in the Firewall settings that will prevent most of the traffic as soon as you connect to any public WiFi network. Then create more relaxed state of rules for VPN and then traffic will only pass through VPN once its get connected.
2. The Connection drop
Sometimes in fact many times, your VPN loses connection and then your network settings revert back to regular state. Worst is that you don’t recognize this because there isn’t any alert to notify that your VPN has stopped working. With this you continue to browse the web on the public network with unsecured connection and this opens a window for hackers to exploit your system.
So the only solution to this problem is – Whenever you shop for a VPN Software, always buy the one that has “Kill switch” mechanism included. What this mechanism does? Whenever your VPN loses connection, it will turn off your internet connection and that will prevent any data from being transmitted or received until you turn on the VPN yourself.
Note: There are different names for Kill switch mechanism for different VPN software hence it is always good to check out the features of the VPN you are going to buy and then make your decision whether to buy it or not.
If you can’t get access to VPN service then you can beef up the security of your system with some tweaking. VPN are not the only ways to protect yourself on the public WiFi networks. Internet has became an important part of our life. In our rush to get online as soon as possible, its natural that we get tempted to free and open public wireless networks. But if you’re not prepared or cautious enough you are opened to identity theft, data loss or even worse.
If you have anything to say feel to comment on this post using the comment section down below.