Public Internet is notoriously sketchy, but you can protect yourself and your data with smart habits.
One of the first things we learned about the Internet, back when it was becoming a part of daily life, was: password-protected network, good. Free public WiFi, bad. Today, there are more protections in place to keep your data safe on public WiFi networks. However, it’s still important to stay guarded. Today, there are more–and more sophisticated–cybercriminals looking to steal your data, and they’re targeting public Internet networks.
The Risks of the Public WiFi Connection
The biggest concern with public WiFi is that it usually isn’t encrypted, meaning that anything you send or receive (like passwords or emails) can be intercepted. And if cybercriminals are intercepting your data, you’ll likely have no idea. In what’s known as a “man-in-the-middle” attack, hackers position themselves between you and the network to secretly steal or alter your communications over email, text, and websites.
Another main concern is malware distribution. Cybercriminals can exploit vulnerabilities in public networks to push malware onto connected devices, most often without your knowledge. You’ll notice it when your device’s battery starts to drain more quickly or overheat, and you’re getting unexpected pop ups or redirected to websites you don’t want to visit. In the background, the malware allows hackers to steal your passwords, view your online activity, and even extort money through ransomware. In other words, they force victims to pay a ransom to gain access to their data or avoid a data leak.
When you log onto public WiFi, it’s essential to be sure you’re choosing a legitimate connection. Rarely, you may see a network name in the list that impersonates the network you really want–for example, the real network name might be “Springfield Library,” and the imposter one might be named “Springfield Library1.” That second one is set up by hackers who want you to log on to the unsecured connection.
Clearly, the consequences of using an unsecured connection are serious, for both personal and business devices.
How to Keep Yourself and Your Data Safe on Public Connections
The good news these days, according to the Federal Trade Commission, is that, while public WiFi isn’t usually encrypted, most websites now are. If you’re using a website that starts with https://, the “s” indicates an encrypted connection through an SSL certificate. In fact, the “s” stands for “secure.” On an https:// connection, the website scrambles your data so that hackers can’t just look or listen in, even on an unsecured public network. The https:// secure connection also ensures that you’re looking at the website you think you are, not an imposter website. Look for the little lock icon in your URL bar, along with the “s,” to confirm you’re visiting a secure site.
While you can have more confidence using public WiFi when you’re accessing secure websites, there are more steps you can take to protect your data from targeted or sophisticated attacks.
- Use secure passwords. The Cybersecurity and Infrastructure Security Agency suggests using a password manager and making each password unique, long, and random. A strong password is still one of the best defenses against cybercrime.
- Use a VPN (Virtual Private Network). For between $5 and $10 a month, a VPN creates a secure “tunnel” through which all your data travels. A VPN isn’t an Internet connection, but you log into it when you use any Internet connection to keep your data encrypted. VPNs can also protect you from companies viewing your data to target ads. Setting up a VPN takes some up-front work, but many people consider it a best practice for Internet safety.
- Keep your operating systems up to date. Each update fixes known vulnerabilities, so every time you update your computer, phone, or other device, you’re protecting yourself against the latest criminal tactics.
- Disable the “Connect Automatically” feature. Stay in control of which networks you connect to by making sure that your device isn’t connecting automatically to any open network.
- Be extra cautious about what you share. The best way to ensure that your sensitive information stays safe on a public network is not to share it in the first place. If you’re not sure if a WiFi network or a particular website is encrypted, avoid sharing your credit card information, SSN, and any other personal data.
Remember, the organization providing you with a free public Internet connection– whether a library, government office, business, or other space–isn’t responsible for keeping your data safe online. Take steps to protect your data, at all times, but especially when the WiFi network doesn't ask you for a password.
Sources: