Every time you or an employee logs on to a public Wi-Fi network, the safety of your business is potentially compromised. These tips will help protect your data from rampant cyber security threats on public wireless networks.
The explosion of free public Wi-Fi helps people stay personally and professionally connected. However, many of these networks are not secure and make tempting targets for cyber criminals looking to steal your personal information.
Alarmingly, 60 percent of Americans believe their data and identity are secure on public Wi-Fi, according to research from Symantec. This is unequivocally false! Data shared on public Wi-Fi is usually unencrypted, which makes it simpler for cyber criminals to access.
Americans are three times more likely to connect to public Wi-Fi if it is free, according to a survey by the Identity Theft Resource Center, but free isn’t the same as safe. Let’s take a look at some of the cyber security threats found on public Wi-Fi networks as well as what can be done to protect yourself and your business.
Sniffing: Hackers use packet sniffers to intercept the information sent from your browser to the server. “Packet” refers to the bundles of data that hackers capture from the network. Data could include information that enables them to compromise you or your business’s security, such as passwords or user IDs.
Man-in-the-Middle Attack: In this type of hack, criminals intercept your communication while you are completely unaware. Examples include eavesdropping on, or even altering, communication between two parties and using malicious tools to come between you and a digital resource, such as a website or email account, in an effort to gain access to your private information.
Evil Twin: This is a Wi-Fi network that appears to be legitimate but is actually created by a criminal to pave the way for cyber crimes, such as man-in-the-middle attacks. These rogue networks often have similar names to legitimate hotspots in the area.
Sidejacking: With this nefarious tactic, hackers use sniffing software to steal session cookies (information on your browsing activity) and then hijack your session. For example, if you’re logged in to your favorite shopping site and hackers sidejack your session, they could make purchases using your credit card information; or if you are sidejacked while active on Facebook, the perpetrators could send messages to your connections or post dangerous links to your feed. The good news is that the thieves are stealing specific cookies and not your username and password, assuming those are encrypted. The bad news is it may not be immediately obvious that you were targeted, and the criminals could use the cookie to access your account at a later date.
In addition to these schemes, cyber criminals use public Wi-Fi to infect devices with malware. Some forms of malware can spread across a network to infect other computers, so you risk compromising other devices when you log back on at the office or at home. If you need to get online in a public place, consider the following tips:
Use a VPN
If possible, use a virtual private network (VPN), which encrypts all of your network traffic data. The majority of business-grade networking hardware have the capabilities to support multiple VPN connections. A managed IT services provider can help you assess the right solution for your business.
Limit Your Activity
Reduce your digital profile by only performing “must-do” activities. For example, use public Wi-Fi if you have to get an important email out, but don’t pass the time with leisurely online shopping. Try to limit your browsing to sites that are verified secure with the “HTTPS” designation, and avoid online banking over public Wi-Fi connections.
In addition to being aware in the virtual world, keep an eye out for suspicious behavior around you. Criminals can also try to steal your password or credit card information by physically observing you, a technique known as “shoulder surfing.”
Turn Off Automatic Connectivity Features
Ensure your devise doesn’t “accidentally” connect to an at-risk network by turning off automatic connectivity features, which are common on many mobile devices.
Block File Sharing
Perhaps your laptop is configured to share files with others in the office. Disable any file sharing and temporarily turn off all cloud-based file services (such as Dropbox, OneDrive, Google Drive, etc.) before logging on to a public network. Otherwise you may make it easier for hackers to access your information.
Consider Encryption Tools
There are tools, both free and paid, that can encrypt your data when you access a public network. You can encrypt passwords, files, or even your hard drive. An IT specialist can help you determine the right tools for you and your business.
Protect Your Device with the Latest Anti-Malware and Anti-Virus Software
Software can’t protect you from shoulder surfers or zero-day threats, but it will detect many forms of cyber security threats should your device become compromised. Be sure to not only install anti-malware and anti-virus software but to also update it regularly so you stay protected as threats evolve.
Use a Firewall
Firewalls protect your technology from attacks and block unauthorized access to your network. When logging on to public Wi-Fi be sure your device’s software firewall is turned on.
Avoid Public Workstations
If you have to use a public computer, say at a hotel, conference center, or library, abide by the tips above. Additionally, clear your history and temporary internet files after your session.
It isn’t realistic to expect yourself or your employees to avoid pubic internet entirely, but it is imperative that everyone understand the risks and take necessary precautions to protect themselves. Check out this in-depth guide to public Wi-Fi on the technology site Secure Thoughts.
Anderson Technologies, a St. Louis IT consulting company, helps educate small businesses about safe online practices. We’ve even created this free ebook to get you started. Contact us today at 314.394.3001 or firstname.lastname@example.org to discuss your business Wi-Fi safety or any of your IT concerns.