FIGURES show that around 70 per cent of people use public wifi around once a week – while 40 per cent of folk who log on when they’re out and about have had their information compromised.
Experts say these public hotspots can come with significant security risks that too many Scots are unaware of.
2
2
From dodgy connections being open to interception to so called ‘man-in-the-middle’ attacks, Trevor Cooke, Privacy Expert at EarthWeb, says it’s time for everyone to become more savvy while online.
He said: “Every time you log onto an unsecured public network, you’re taking a big risk. There are steps you can take to mitigate the dangers, but you can never be 100 per cent secure.”
Here Trevor takes readers through the main threats and how to avoid them.
Risk 1: Lack of encryption on open or unsecured networks
ONE of the primary risks associated with public Wi-Fi is their lack of encryption.
Trevor says: “Public Wi-Fi networks are inherently insecure. When you connect to an open wireless network at a coffee shop, airport, or hotel, all the data you transmit over that network could potentially be intercepted and monitored by someone else on that same network.”
Many public hotspots are unencrypted, meaning any data transmitted over the network is vulnerable to interception by malicious actors. This includes sensitive information, such as log-in credentials, financial data and personal communications.
Trevor’s tips: Use a virtual private network (VPN) to create an encrypted tunnel between your device and a remote server, shielding data from prying eyes.
Avoid accessing sensitive accounts or transmitting personal information over unsecured public Wi-Fi.
Only visit HTTPS websites, which encrypt data transmission between your device and the website.
Risk 2: Malicious hotspots or rogue access points
CYBER criminals can set up rogue hotspots with legitimate-sounding names, luring unsuspecting users into connecting and exposing their devices to potential attacks.
Trevor says: “These rogue access points allow attackers to intercept data and potentially compromise connected devices.”
By connecting to these malicious hotspots, users expose their devices and data to attacks. Hackers can steal log-in credentials, install malware or carry out other dodgy activities on connected devices.
Trevor’s tips: Be cautious of suspiciously named/branded hotspots and verify the network before connecting.
Disable automatic Wi-Fi connections on your devices to prevent auto-joining rogue networks.
Use VPNs and avoid sensitive activities when connected to any unfamiliar network.
Risk 3. Man-in-the-middle attacks
WHEN connected to an unsecured or compromised public Wi-Fi network, attackers can position themselves between the user’s device and the internet.
This allows them to intercept and potentially modify data transmitted over the network.
Trevor said: “‘Man-in-the-middle attacks enable cyber criminals to eavesdrop on internet communications, steal sensitive information, like log-ins or financial data and even inject malicious code into websites visited by the user.”
Trevor’s tips to mitigate this risk: Use VPNs and HTTPS websites to encrypt traffic and prevent eavesdropping.
Avoid public Wi-Fi for sensitive transactions like banking or shopping.
Risk 4: Malware and spyware risks
Public Wi-Fi networks lacking proper security controls increase the risk of devices becoming infected with malware or spyware. Attackers can exploit vulnerabilities in connected devices to install malicious software for various nefarious purposes.
Trevor explained: “Malware infections can lead to data theft, system disruptions, and other harmful consequences. Spyware, in particular, can covertly monitor user activities, steal personal information, and compromise privacy.”
Trevor’s tips to mitigate this risk: Keep software updated with the latest security patches.
Use antivirus and anti-malware protection on all devices.
Disable file sharing to prevent unauthorised access to your files.
Is someone STEALING your Wi-Fi?
Three key signs – and how to boot them off:
The biggest tell tale sign is if your Wi-Fi is slow without reason.
If you’re home alone, you’re not downloading a new game or trying to stream a movie – there’s little reason for your internet connection to falter.
If you’re suspicious, check your Wi-Fi router’s status lights.
However, this only works if all wireless devices are offline completely, and detaching all devices from the network could be tricky if you have a lot.
When no devices are connected to the Wi-Fi, the lights should not be flickering or flashing.
If they are, it’s likely someone else is connected to your network.
Modern routers are often accompanied by a mobile app, which can be used to scan your network for devices.
But if you have an older router, there are other apps to help detect freeloaders.
One reliable app is Wi-Fi Guard, which is available for both Android and iOS devices like iPhones and iPads.
The app gives users a list of all connected devices, so they can spot the ones they don’t recognise.
The trickiest way of checking if you’re not inadvertently paying for someone else’s WiFi use, is to login in to the Wi-Fi admin control panel.
You can do this by searching your IP address in a web browser.
Your IP address will look something like this: http://192.168.0.1/
If you see an unauthorised device in the router’s app or admin control panel, there is usually an option to block, ban, or disconnect the device.
Should you spot them using Wi-Fi Guard, you won’t be able to boot them off via the app.
Instead, you can change the router’s password.
Although, this means that every one of your devices will need to login in again with the new password.
Risk 5: Lack of access controls
MANY public Wi-Fi hotspots have little to no access controls or authentication requirements, allowing anyone within range to connect without any verification.
This open nature makes it easier for attackers to gain unauthorised access to the network.
Trevor says: ‘The lack of access controls means that anyone, including malicious actors, can connect to the network and potentially launch attacks or intercept data transmitted by other connected users. This heightens the risk of various threats, such as man-in-the-middle attacks, malware infections and data breaches.’
Read more on the Scottish Sun
Trevor’s tips to mitigate this risk: Use multi-factor authentication and strong passwords for accounts accessed over public Wi-Fi.
Opt for networks that require a password or credentials to connect when possible.