Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints.
Today’s discussion involves public wi-fi and the risks of use combined with ways you can keep your system and data secure IF you must use it.
How many of you out there frequently visit locations that have public wi-fi? Do you use these services regularly? You may want to be very cautious about using public wi-fi in various locations, as there are several risks being taken when connecting to a service like this.
How secure is your data? If you connect to a public wi-fi service, you are putting your data at risk. Why? Since public wi-fi typically utilizes minimal security, threat actors sharing the same connections can obtain your information. Think of this scenario for a moment; the local coffee shop offers free wi-fi service as benefit of shopping there/purchasing coffee. Remember, their focus is quality coffee and associated products, not advanced technology.
There is a local educational institution near this coffee shop. This could be a high school, community college, four-year university, etc. At these educational institutions they teach various aspects of technology. Imagine someone in a class where they are taught how to hack, or how to scan a system. What better place to test that knowledge than a free public wi-fi service? They sit in the corner enjoying a latte acting like homework is being done, while actually sniffing the network and obtaining as much information as they can.
Meanwhile, you have some deadlines to meet, and you also want to get some last-minute online shopping done while enjoying a quick cup of coffee. So, you grab a cup and a table, log into your system, and connect to the wi-fi to knock out these few tasks. In a matter of moments your data and account information are harvested by someone else because some simple preventative security measures were not taken.
The theft of data and account information is not a process that takes long. A seasoned threat actor could obtain this information very quickly, so a “quick connection” may be all it takes. Do not fall into the mindset of “no one cares about my data” or “it won’t happen to me.” Threat actors DO care, and it WILL happen if security measures are not taken.
Ok, ok…I keep speaking of security measures, but what are they? Well, the first security measure you can take is to simply not connect to the free service and use a personal hotspot instead. If this is not feasible, use a VPN service. A Virtual Private Network encrypts all data sent and received across a wi-fi network regardless of whether or not the wi-fi service is secure.
If you cannot use VPN or a personal hotspot, limit your activities while on the free wi-fi service as to not expose sensitive information. Don’t check email, don’t make online purchases. Merely browse to sites, and make sure those sites are HTTPS sites (this type of site was discussed in the Web Browsing TomCast from last month).
Is theft of data the only hazard or risk of using public wi-fi? No. There are several risks, including man-in-the-middle attacks, session-hijacking attacks, malware loading attacks, and threat actors could also use the connection to launch attacks against the organization you work for (if you are using a company asset or connecting to company resources).
A man-in-the-middle attack occurs when someone impersonates a wi-fi service and tricks you into connecting to it. Your connection will work fine, but the threat actor has access to all data passing back and forth. As another example, imagine you go to Bob’s Coffee Shop. The wi-fi is Bobs Coffee. Well, there are other wifi’s that say B0b’s C0ffee (with zeroes instead of the letter o), or Bob’s Guests. Those could very well be fakes that will result in man-in-the-middle attacks.
A session-hijacking attack is when an attacker intercepts information about your computer and its connection to websites or other services. Once the attacker has that information, they can configure their own computer to match yours and hijack the connection. If you frequently use a site that asks, “remember this computer,” the threat actor would then be able to access everything like the remembered computer could.
In malware loading, if someone on the same public wifi as you has bad intentions, they could plant malware on your computer. A suspect wi-fi provider could use the hotspot itself to infect your computer with these threats. It could be as simple as using the wi-fi network to place ads on every website you visit. The website itself may not run ads, but the wi-fi service can overlay them on top of other websites. In that case, the ads would normally disappear once you disconnect from the wi-fi and go back to your home or office connection. In more malicious instances they could install malware on your systems that would persist regardless of connection.
So, think twice before just connecting to public wi-fi services. They are not necessarily a bad thing to use, but you could be putting a lot at risk for the convenience of a free connection. Don’t let convenience outweigh security.
We here at GuardSight thank you for taking the time to listen to this TomCast. Please share this if you believe it would be of assistance to anyone in your contact list, and please provide us some feedback in the comments so we can continue to improve. Thanks!