While many of us enjoy mobile internet access through 4G/5G when out and about, connecting to free public Wi-Fi is still desirable as it saves on data usage and is generally faster.
Free Wi-Fi is now ubiquitous, especially in cities: If you are in a café, hotel, bar, mall, or airport, it would be surprising if you could not connect your device to a public Wi-Fi network. These days, you can even connect to Wi-Fi on trains, planes, and even rural areas like national parks.
And yet, while access to free Wi-Fi is a boon for most of us, it’s also a common attack vector (entry point) for cybercriminals. Beyond the specifics – which we will look at below – consider that public Wi-Fi, by its very nature, is open and unprotected to allow anyone to access it. That makes it vulnerable to hackers, and they have a variety of tools to attack devices on public Wi-Fi. The Federal Trade Commission puts it bluntly: Public Wi-Fi isn’t secure if you don’t have Wi-Fi protection for your mobile devices.
One of the main risks revolves around the hacker positioning themselves between you and the connection point, meaning that whatever you intend to send to the hotspot while browsing the internet, goes to the hacker instead. This could be any type of data, including financial information (credit cards), passwords, sensitive business information, and so on.
But how are the hackers able to intercept and position themselves in the middle? One approach is by using the outdated encryption methods used in Wi-Fi hotspots. Often, these hotspots use older standards for encryption, such as WEP (Wireless Encryption Protocol), which are vulnerable. Even WAP (Wi-Fi Protected Access), which was designed to replace WEP, has many flaws and is easily hacked.
And yet, perhaps one of the “smartest” techniques for creating entry points is via a rogue Wi-Fi network. Imagine that you were visiting a coffee shop called “Cuppas,” and when looking at the available Wi-Fi options, saw “Cuppas Free Wi-Fi.” How do you know this isn’t a rogue hotspot that simply used that name? The truth is: you don’t. It’s very easy for hackers to create such a setup, and they can easily execute a man-in-the-middle (MitM) attack if you join the rogue network. This is a common tactic used by cybercriminals, and despite its simplicity, it can be highly effective.
Once hackers have opened an entry point, whether through a vulnerability in the Wi-Fi hotspot network or by creating a fake one, they have a range of options that can compromise your mobile security. For a start, controlling the Wi-Fi means that hackers can create a fake DNS (Domain Name System). In essence, this is a kind of phishing attack that ensures you visit a fake website instead of a real one. The fake site could be a bank or other platform that encourages you to enter sensitive financial data.
Of course, apart from trying to steal your data through a phishing attack, rogue actors could also distribute malware through the network. Last year, for instance, there were reports on a new type of malware, Emotet, that used botnets to easily spread across unsecured public Wi-Fi networks. This is just one of a range of malware attacks that can be unleashed. To stress the point again, it is the attack vector (public Wi-Fi’s vulnerable entry point) that allows cybercriminals a range of devious options if your device is not fully protected.
So, how do you ensure safe browsing when using public Wi-Fi? From what we have said so far, you might consider not using public Wi-Fi at all. After all, your mobile internet network (4G/5G) offers much better encryption (although it’s not completely protected) than public networks. However, if you do choose to access public Wi-Fi, there are steps you can take to mitigate the risk, and, additionally, you can get complete mobile network protection if you use solutions like the ZoneAlarm Mobile Security App.
Some steps to take to protect yourself and data include refraining from accessing personal, financial, or business data when using public Wi-Fi, changing your settings so that your device doesn’t automatically connect to nearby Wi-Fi, and logging out from important accounts, i.e., don’t remain permanently signed in. You might even want to use a VPN that hides your IP address, normally a key piece of information hackers need to access your device.
Of course, as more and more people are working remotely, the abovementioned methods might not be practical, even if applying these safeguards is advisable. The best protection for mobile, however, is implementing a complete security solution like ZoneAlarm Mobile Security. With its privacy-first approach, safe browsing and downloads, and anti-phishing capabilities, as well as other enterprise-level virus and malware protection, no matter what kinds of risks might be lurking in public Wi-Fi networks, you can access your data with peace of mind, free from any worries of attack.