You’ve probably heard that public Wi-Fi networks, like those in coffee shops, hotels, and airports, can be dangerous. While these networks are convenient, using them could open you up to security risks.
Let’s look at some of the ways free public Wi-Fi can pose a danger.
1. Your Connection Isn’t Private
On a secure network such as your home or office, your connection is encrypted. Someone in range of the network can’t see what you’re doing online unless they have the Wi-Fi password for accessing the network.
When you’re on a public network you don’t have this protection. Public Wi-Fi allows anyone to connect without providing a password, so there’s no telling who else is on the network. Even worse, it’s trivial for someone to snoop on your session.
If you visit a website that uses an insecure HTTP connection, anyone else on that network can see what webpages you’re visiting and what you’re typing onto forms. Even if you visit a secure webpage that uses HTTPS, such as a banking site, someone could still see that you’re using that site.
Thankfully, more websites are using HTTPS by default than ever before. This means that using public Wi-Fi for a quick Google search isn’t a big deal, but you shouldn’t do anything that you aren’t comfortable with others knowing about.
2. You Could Connect to a Fake Hotspot
Whenever you open the Wi-Fi settings on your laptop or phone you probably don’t think much about the public network you’re connecting to. If you’re staying at a Holiday Inn, for example, you might look for Holiday Inn Free Wi-Fi and connect without a second thought.
But this can lead to serious problems. An attacker could purchase a device that allows them to set up their own Wi-Fi network. If that person was near the hotel, they could create a similar-looking fake name, such as Holiday Hotel Free Wi-Fi.
If someone wasn’t paying attention and connected to this network, the attacker would be able to watch and capture everything the user was doing online.
3. The Network May Be Compromised
The first scenario above applies to all public Wi-Fi networks, but assumes that nobody has tampered with it. There’s an additional danger if someone malicious were to compromise the network.
If they gained access, they could set up the network to perform a man-in-the-middle attack. This type of attack hijacks the communication between two devices who think they are talking securely. For instance, your computer thinks that it’s sending your bank password to your bank’s website, but it’s actually being intercepted along the way by a malicious third party.
Obviously, this is bad news as the hacker would have access to sensitive information you’ve provided.
This isn’t the only way a network could be compromised. If you have automatic file sharing enabled on your computer, an infected computer on the network could spread malware to your machine. When you connect to the compromised network you might even see a prompt to download an “update” which is actually malware.
The KRACK vulnerability from October 2017 affected all Wi-Fi networks.
Be Wary of Public Networks
Public Wi-Fi offers convenience, but are not always worth the associated security risks. In addition to the concerns above, you have no guarantee that the business that is providing the internet connection isn’t tracking your browsing. This could become a privacy issue if you’re performing sensitive work for your company.
The best way to avoid these issues is to stay away from public networks altogether. Use the data connection on your cellphone whenever possible. If you need Wi-Fi access often it may be worth getting a portable hotspot from your phone provider. These devices let you create your own private and secure Wi-Fi hotspot anywhere using mobile data. Using a hotspot from your phone provider enables you to browse the internet safely without having to worry about any of the concerns listed above.