The risk of public wifi networks - and how to use them safely
by Tina Siering
The five most common risks when using public WLAN networks
People who travel a lot like to use WLAN connections in public spaces. Unfortunately, many people are too careless - and risk having their data tapped or malware infiltrated. These are the five problems or attack strategies that occur particularly frequently.
1. Data extraction through man-in-the-middle attack
A man-in-the-middle attack works like an eavesdropping attack: an attacker hooks into an existing data connection and can view or manipulate all the information that the sender sends to the supposed recipient. This is made possible by security gaps in the operating system or in the software used. The data read out, e.g. intimate details from private life or passwords, are subsequently used by criminals for blackmail or larger attacks.
2. The spread of malware
Once a cybercriminal has gained access to the end device via the public WLAN, they can install malware, such as ransomware. Infected computers can also grab the user's personal or financial information and pass it on to the hacker, who uses it for financial fraud or identity theft, for example.
3. Unnoticed use of an unencrypted network.
When you surf a public WLAN, you cannot know for sure whether it is sufficiently encrypted. With encryption, the data stream from the computer to the WLAN modem is sent in a "secret code". This can only be read by those who have the correct key. If, on the other hand, the network is not encrypted, it can be accessed by anyone within range and private data could easily be intercepted. Modems and routers are still sold with encryption disabled at the factory. When setting up the network, this must be activated by a competent person.
4. Deception via network names
Some cybercriminals name their own networks after local hotels or cafes. The goal: to get gullible people to connect to the supposedly secure WLAN and use it to transfer sensitive data. Anyone who logs in via these fake access points in turn becomes a victim of data theft, because the operators are not the hotel or restaurant, but sophisticated criminals.
5. Snooping and sniffing
WLAN snooping and sniffing involves criminals using so-called keyloggers (hardware- or software-based) to record data traffic. In this way, the cyber attackers gain access to the victim's digital activities in the respective WLAN. They can see, for example, which websites you visit and what data you have entered there - including passwords. With this information, criminals can, for example, hijack your e-mail account and online banking or order goods on the Internet at your expense.
Actions for more security in public WLAN
The widespread use of free public WLANs is particularly convenient for professionals who are often on the road. And there's nothing wrong with using it, as long as a few security-related points are taken into account. Ideally, you should combine the following measures:
1. Additional privacy and encryption functions through VPN.
A private network connection (VPN) ensures that your data remains private even when using a public WLAN network - even if criminals manage to intercept the connection. This is because the data is encrypted in a highly secure manner when using a VPN.
2. Encryption via SSL connections
Even if you don't have a VPN connection available at the moment, you can encrypt your communication in the public network. To do this, enable the "Always use HTTPS" option on websites that you visit frequently and where you need to enter credentials.
3. Disabling file and directory sharing
The option to share files or directories with other people on networks can be handy - for example, to work on documents together at work. In a public WLAN, however, this function should be deactivated to prevent unauthorized people from viewing or copying your files. Depending on your operating system, you can find file sharing in the system or network settings. In Windows, for example, there is the option "Public" in the network settings.
4. Disable automatic connection to known networks
The function that smartphones, tablets and laptops, search for already known networks to log in there quickly and automatically, is unquestionably convenient. However, this makes the devices visible - even to criminals. The immediate activation of the Internet connection is simply a matter of the hotspot name and the WLAN password. If the WLAN provider has not changed the default name, cybercriminals can offer hotspots with such common names and the devices of future crime victims connect to them. If file sharing is then enabled, documents can be stolen without you even actively using the device.
5. Do not access confidential data on public networks
A general precaution is not to send sensitive information, passwords or payments over unprotected data connections. So, if it can be avoided, postpone email account logins, social media logins or online banking use until a time when a secure connection is available. In this context, also think about stored passwords in the browser, which can open the way to identity theft. Also a bad idea on an unsecured WLAN is to use apps that require entering confidential data. In such cases, it is better to opt for the HTTPS website of the respective company.
6. Switch off WLAN function that is not needed
Deactivate both the WLAN and Bluetooth functions when you do not need them. Otherwise, your device will constantly exchange data with all networks within range - even if you have not established an active connection.
There are security measures in place to prevent this from becoming a cyber threat to your device. However, not all WLAN routers are programmed and built equally well. Moreover, savvy cybercriminals can break through these security routines. So, in moments when you are only editing text documents or other locally stored files on your computer, you should disable your network functions - this will provide longer battery life as a side effect.
Many a task requires Internet access and cannot be postponed, even when you are on the road. Sometimes you have to rely on a public WLAN hotspot. Then it is important to know the risks and apply preventive security measures to avoid becoming a victim of a cyber attack on the public WLAN network. The basic rules are to only switch on the WLAN when it is actually needed, to make sure that you connect to the right - ideally encrypted - network and to transmit as little confidential data as possible.