Wi-Fi seems to be the very first thing to check out whenever we go to a public place, such as a resturant, a coffee shop or a shopping mall. With the popularity of social media, youtube, tiktok or anything that is digital, we are having even higher dependency on data and Wi-Fi. If you haven’t really questioned if every public Wi-Fi is realiable, you should check out this article. You will learn how to browse safely when on public Wi-Fi.
Contents
- Risk of Public Wi-Fi
- Good Habits for Using Public Wi-Fi
Risk of Publick Wi-Fi
The risk of using public Wi-Fi essentially is Man-In-The-Middle attack. No matter how the connection is set up or what kind of attacks the bad actors are going to perform. We will deep dive into this now.
There are two dangerous scenarios for using public Wi-Fi. First, when you go to a coffee shop - ‘I love coffee’, you may connect to the Wi-Fi looks mostly likely to be the coffee shop - ‘ilovecoffee’. That is right but you know everybody can create a personal hotspot and name it ‘ilovecoffee-fast’. If you happend to connect to a phishing hotspot that is created by the hacker, then he may be able access everything you are sending and even install malware on your computer.
The second scenario is that now you connect to the right Wi-Fi offered by the coffee shop. The hacker also connected to the same one. When you are both on one public Wi-Fi network, there is a high risk that the hacker can leverage some hacking techniques to access your computer.
No matter it is secanio I or II, the hackers are trying to the same thing – get himself connected to your device and involved in your data transfer.
What exaclty can the hacker do when using Man-In-The-Middle on your computer?
-
See the traffic going in and out your device. The attacker can recieve a copy of the traffic you send out or recieve. Let’s assume you are checking your bank account information. The hacker can probably see your credentials.
-
Modify the message you recieved. A even worse case is that the hacker can modify the information that you are going to recieve. For example, instead of sending you the right website for authentication, they redirect you to their phishing websites where every piece of information you provide will be logged by them.
-
Sending malicious information to your device. The hackers can literally send some malware to your computer and make it look like a very legit system upgrade or software download package. Once the malward installed, they can do anything they want.
Good Habits for Using Public Wi-Fi
After understanding the threat scenarios, we can defend around the main threat. The key would be double verify the Wi-Fi you connect, be careful on the information you recieved and avoid accessing sensitive information on public Wi-Fi.
1. Choose your public Wi-Fi
A better public Wi-Fi is one that is legitimate and has as few users as possible. Look for a Wi-Fi network that is password protected, provided by a high-profile brand. However, be aware that a macilious hotspot can name themselves as legitimate as a normal business site like Starbucks.
2. Browse HTTPS sites or Use a VPN
Since the hacker want to read what you send and recieve, if your traffic is encrypted, it will be a layer harder for them to see through. When you are using a VPN, it’s like your traffic will be wrapped with password protected container. So it’s hard to see through. However, yeah, you would have to pay extra for the VPN cost.
On the other hand, without a VPN, you can still stay encrypted - HTTPS. HTTPS is the advanced HTTP protocol with ‘Secure’ and encrption. Nowadays, the browser service providers are actively reduce the HTTP traffic by present a warning to the user, like the picture below:
Therefore, if you are visiting a site on a public Wi-Fi, avoid these HTTP connections.
3. Avoid Risky Activities on public Wi-fi
3.1 Don’t provide sensitive information
Even though your traffic is encrypted, the hacker can actually download everything with encrytion and figure a way to decrypte the data into clear text later when he has time. Therefore, the best to avoid any risk from the bottom is – don’t do serious work on a public Wi-Fi.
3.2 Avoid any download or upgrade activities on Wi-Fi
As mentioned earlier, when you download something to your computer, it could be a malware modified by the hacker. If you really really need to do the downloading, checking the legitmacy of the site could help a little bit but will not provide you 100% ensurance. Using your own mobile hotspot would be the safer choise, but, it costs data, I know.
4. Always “forget” the network after you use public Wi-Fi
Remembering Wi-Fi connection is convenient, but it could introduce risks. Because your device will try to connect to any network with the same name and password without your permission and the network can be something provided by a hacker intentionally.
Hope you enjoy this article and learn something useful after reading.
As always, a small step to make a big difference by developing cyber security knowledge as a common sense.