Traveling and staying in a hotel I started to use the
Internet via a Smartphone. I paused, thinking data usage might be tight so better
use Wi-Fi. Logging into the hotel’s Wi-Fi I paused again, knowing better than
to use unsecured public Wi-Fi. Thinking I was only checking the Internet for
dining options, it was safe to use pubic Wi-Fi for that purpose. Then the
browser failed to load, with a warning that the server was an unsecure network.
Thank you Google or Apple or whomever installed a safety feature to moderate
our temptations. The
tricky thought occurred to turnoff the Wi-Fi, log into the account and then
switch on the Wi-Fi. After some research it was revealed that this technique
would still leave you vulnerable. After switching the connectivity your phone
(the app or website) would renegotiate the connection, although seamless
to the user, your login information would still be exchanged and visible.
Decided to look into the pitfalls and dangers of public
Wi-Fi. A simple search returned many articles on public Wi-Fi risks. Lots of
experts explaining how easy it is compromise networks and for unsuspecting
users to fall victim. Smartphones, tablets, and laptops have become appendages
to our busy Internet connected lifestyles. Data usage has become the new
“minutes” and consumers are looking for ways to save on usage and ultimately money.
Public Wi-Fi is a common way to cut back on data usage. However, there is risk
to online security.
Risks
Norton reported in 2013 that 68% of people using public
Wi-Fi were victims of cyber crime. The Norton Cyber Security Insights Report announced that in 2015 21% of Americans had their email
hacked and 12% had their financial data stolen after shopping online. Millennials
are a growing victim demographic with 40% falling prey to cyber crime in 2015.
Although one of the more tech savvy age groups, Millennials are more open to
sharing logons and passwords that compromise their online security.
When you leave the house you are still connected. Whether
you login to your accounts via the cellular network or Wi-Fi, nothing is 100%
secure. While 4G cellular networks are encrypted and are far, far better than
an unsecured public Wi-Fi connection, there have been incidents of cellular
networks being hacked. Although the effort is usually much greater than most
cyber criminals are willing to make. Public Wi-Fi is a much easier target. Both
due to security weaknesses and the plethora of devices being used on those
networks.
Breaches
Most public Wi-Fi breaches are through man-in-the-middle
attacks. Hackers place themselves either between two victims or between the
user and the app and eavesdrop on the transmissions being sent back and forth.
It is important when using apps and websites in public to ensure you are
logging into the correct site or app as hackers can spoof those and trick users
to logging into the hacker’s site.
Just because you need a password to login to public Wi-Fi doesn’t
mean it is secure. It just means that there is an authentication step before
you can access the router.
Additionally, the person setting up the Wi-Fi may not have installed all
the available security features. The
hacker may be logging into the same network as you, giving them access to your transmissions.
When you are browsing, HTTPS is usually a good thing to look
for. It means the data transfer between your device and the website is
secure-on their end. There is still a possibility that you were hacked on your
end. It’s like having a phone conversation but you have your phone on speaker.
The most secure networks offer end-to-end encryption.
Financial apps usually are encrypted. Most big name apps/browsers/email/social
media are probably secure from man in the middle attacks as the data being
exchanged is encrypted, the session can be viewed but not the data. However,
we’ve all read about the big guys getting hacked. Better safe than sorry later.
Reduce your risk
Some simple rules to live by while using your mobile devices
in public.
When using any network that is not your own, consider it
unsecure.
Never use public Wi-Fi to login to anything that requires a
password. After using any network that is not your own it is wise to change
passwords.
When you do use hotel or public Wi-Fi, make sure you are, in
fact, connecting to the hotel's Wi-Fi and not hacker’s site. Look-alike Wi-Fi
signals use names similar the hotel or business. If you’re not comfortable, ask before logging on.
Keep your device OS up to date.
Use COMMON SENSE.
Review our blog archive for other articles cyber security:
No comments:
Post a Comment