Many of us probably used public Wi-Fi at least once. With the way it has expanded, you can now travel abroad and stay connected everywhere you go. Public Wi-Fi is also handy when your mobile plan does not offer much data. However, it’s notoriously risky.
People tend to think that following basic cyber hygiene can keep them relatively safe when using a public network. However, only visiting encrypted and reliable websites is not the same as encrypted internet traffic. Even following the basic cybersecurity guidelines still leaves you vulnerable to the risks of public Wi-Fi. So, what are the dangers of unencrypted internet traffic? And how do you protect your data without abandoning public Wi-Fi?
Let’s shed some light on the dark side of public Wi-Fi.
Understanding public Wi-Fi
Public Wi-Fi is any network that people not bound by the same household can connect to. It can be provided in any public setting, from cafes, hotels, public transport, and even your workplace. The safety levels vary as well.
Some, particularly in workplaces, can utilize strong passwords and inner security systems. Others might not even require a password and allow free access to all. Naturally, public Wi-Fi that permits unlimited access is the most dangerous option, but any public network has certain risks.
What security risk does a public Wi-Fi pose?
The main risks that public Wi-Fi poses are data theft and malware infection due to hacking or so-called “evil twin” networks. When a large number of people are connected to the same traffic, hackers can use it to access your details. But with modern encryption technology, it can be difficult to gain access to someone else’s device, especially in a rapidly changing environment like cafes and public transport.
The main risk is connecting to a free public Wi-Fi that is actually a hotspot in disguise. “Evil twin” public Wi-Fi pretends to be a legitimate network but acts as a data harvesting machine for hackers. The likeliest places to encounter these fake Wi-Fi networks are coffee shops and airports. For example, a man was charged in Australia for creating an “evil twin” public Wi-Fi to steal user data. So, what damage can it do?
Dangers of unsecured Wi-Fi networks
Once a hacker gains access to your device through regular public Wi-Fi or an evil twin you are connected to, there’s no limit to the damage it can do. Think of all the websites you access while waiting for your flight at the airport or using hotel Wi-Fi. Imagine if a malicious agent could access all that you see on your screen. Suddenly, you’re in danger of:
- Identity theft. Hackers can steal your identity by tracking your activity and collecting banking and personal data for ransom or other financial gain.
- Malware. An unsafe Wi-Fi network can expose your device to malware even if the websites you visit are all safe.
- Sensitive data theft. If you accidentally connect to an “evil twin” Wi-Fi, any password you enter would essentially go straight to the hacker who controls the network. Suddenly, your accounts (even email) will be stolen.
- Session hijacking. By taking over the connection between your device and the website, malicious agents can get the rights to exploit your details, such as online store credit.
- Phishing attacks. Even if malicious agents cannot get your details by simply utilizing the same public Wi-Fi, they might expose you to larger numbers of phishing attacks, in hopes that eventually you’ll fall for it and give your details. With modern phishing using AI to be more realistic than ever, you’re under an increased risk of being affected.
While secured public Wi-Fi can avoid most of these risks, it’s not completely immune to dangers, especially more advanced hacking.
Is it safe to use public Wi-Fi?
Overall, public Wi-Fi is not totally unsafe to use. Networks with strong passwords and encryption have a very low risk of potential hacking. Some actions you take yourself can, too, protect your information and device. However, the number of people affected by unsafe public Wi-Fi is still very high.
Forbes reports that about 40% of people they questioned were negatively affected by the use of unencrypted internet traffic. However, real numbers are a bit harder to predict. To put it simply, it’s impossible to say how many people were affected by phishing due to public Wi-Fi or unrelated malicious agents. But knowing how many phishing incidents occur overall and that phishing can be a direct result of unsecured public Wi-Fi, it’s safe to say that victims are in the millions globally, with their losses exceeding billions of dollars.
For example, the FBI states that in 2023 alone, the losses to cybercrime exceeded $12.5 million, with hundreds of thousands of people affected. Furthermore, the cybercrime losses increased compared to previous years – a clear indication that hackers are becoming more competent and their methods – more sophisticated. According to Google Trends, searches for “fake Wi-Fi” and “evil twin Wi-Fi” increased from around 2022. So, it’s fair to say that the cases of false Wi-Fi also increased fairly recently. This means that modern public Wi-Fi users are in more danger than anyone in previous years.
How to use public Wi-Fi safely?
If you can’t avoid using public Wi-Fi, try to only connect to the one with a password and take extra precautions. The National Security Agency (NSA) advises these steps:
- Use a VPN. Even encrypted public Wi-Fi can be decrypted by an experienced hacker, especially if they have open-source tools or network credentials. A VPN adds another layer of secure encryption, so even if the network is compromised, your details will remain private and safe.
- Only access HTTPS websites. Websites that start with “https://” or a lock symbol are encrypted and safer to access. This means that, while not impossible, it will be very difficult for a malicious agent to access your personal information.
- Keep your device software up-to-date. Some modern devices have their own integrated basic security software, so never skip an OS update, as it also maintains the device’s security system.
- If you have to log in, use MFA. You are not advised to log into accounts while connected to the public network. But if you absolutely need to, log into those accounts that support multi-factor authentication.
- Use basic cyber hygiene. Make sure your firewall is enabled, reboot the device after using the untrustworthy network, and, if you can, get an antivirus app, even if it’s a free/limited service.
There really isn’t a fully secure public Wi-Fi. But if you were to take precautions and follow these guidelines, you should be able to prevent the worst that can happen when connecting to an unencrypted network.
Common questions about public Wi-Fi security
There are a lot of misconceptions and outdated knowledge about public Wi-Fi security. I attempted to answer some of the most common questions.
Is public Wi-Fi really that unsafe to use?
With an increase in “man-in-the-middle” attacks and false networks, the dangers of unencrypted internet traffic cannot be overstated. Though, it’s really hard to avoid public Wi-Fi. After all, many people have depended on it to avoid pricey roaming charges when abroad or when having limited data plans. Tourists trust and rely on hotel Wi-Fi just as much as students would struggle without their dormitory Wi-Fi. But in all of these cases, the danger is present and real.
Why is public Wi-Fi less safe than home Wi-Fi?
Many public Wi-Fi networks are much less reliable than the kind of service you get as an individual ISP customer. Public Wi-Fi tends to have unencrypted internet traffic that transmits data in a way that an experienced cybercriminal could easily exploit. Public Wi-Fi ISPs are also less inclined to invest in advanced security, as, due to traffic, it’s much harder to maintain and would likely slow the network during high traffic.
What are the main risks of unencrypted internet traffic?
The main risks of unencrypted internet traffic are data/account theft and malware. If a malicious agent can spy on your activity, they can also find out your login information, personal data, and so on. In cases of false Wi-Fi (known as “evil twin”), a hacker could get easy access to everything on your device, from payment details to social media account logins. Luckily, there are ways to minimize risks if they cannot be outright avoided.
How can I avoid the risks of public Wi-Fi?
Not accessing highly sensitive accounts (email or banking), keeping up with proper cyber hygiene, as well as using a personal layer of cyber protection, such as VPN and antivirus, can help prevent most of the risks associated with public Wi-Fi. Try to limit your use of a public network and, if you absolutely have to log in, only log into accounts that support MFA. If possible, simply using cellular data is a better option, too.
Conclusion
If you can avoid it, it’s best not to use public Wi-Fi. However, sticking to a stricter cybersecurity routine can help avoid the main dangers of unencrypted internet traffic. Using a VPN and/or antivirus, visiting websites that start with a lock symbol/HTTPS, and avoiding logging into data-sensitive accounts is the best way to ensure that you won’t suffer a data breach or hacking incident. With new ways to scam people appearing every day and getting better due to the implementation of AI, no one can afford to be lax when it comes to their cybersecurity.
Your email address will not be published. Required fields are markedmarked