Connecting to the public and free WiFi networks that surround us is tempting. They avoid us having to use the mobile data of our contract, but the risks that we assume when connecting to them are enormous.
The majority of users use this type of networks happily, but as we say when using them we expose our data, our traffic and our identity almost completely. There can be serious consequences when connecting to a public WiFi, but fortunately there are ways to protect ourselves and continue using those public and free connections.
When you connect to a public WiFi, you expose yourself to all this
These free networks that we usually use in airports, cafeterias, shopping centers, restaurants or hotels give us free access to the internet, and just a couple of clicks to connect to these public WiFi. Locations as attractive to users as the means of transport or tourist spots that invite us to connect to their free WiFi networks are increasingly popular and numerous.
When we connect, we usually use them as if we were using the WiFi home network or our mobile data share: we connect to our data networks, read mail, check our bank accounts or consult all kinds of information.
All these operations are exposed in these public WiFi networks, and they are because there are different types of attacks and security risks that threaten that privacy and that security that we do not even consider when we connect to them. The most outstanding are the following …
- Attacks Man in the Middle (MitM): The cyberattacker can achieve “sneak” into our communications between our computer or mobile and the other end of these data transfers, which basically will make it “read” all the data transmitted between both ends.
- Unencrypted networks: Although in some cases these access points may have been configured to encrypt the data transfers of those that connect, most routers do not have this option activated by default, which means that our communications can once again end up being gossiped by cyber attackers.
- Distribution of malware: These public networks also allow cyber attackers who infiltrate them to use them as a means to infect our devices with all types of malware.
- Snooping and sniffers: These types of techniques also allow infiltrating the data transmissions we are doing to capture all this information and register it. This type of tools make it possible for an attacker to discover our passwords and passwords to enter social networks or perform banking operations.
- False public WiFi networks: That WiFi network that you think is from the hotel or restaurant where you are using it might not be theirs, but could be a false network that a cyber-attacker would have set up to infiltrate your communications and Capture all kinds of data from your laptop or mobile phone.
Firesheep as an example of danger
These threats mean that all types of data transmitted during that communication maintained on a public WiFi network are compromised. Not only the websites that we visit, but the emails or what we say in applications and webs of instant messaging, with whom we are communicating, our location, photos and other files that we send in those sessions.
One of the most famous cases of the risks involved in these networks occurred in 2010 : that’s when we discovered the Firesheep extension for Firefox. This component went a step further in capturing packets in a public network, and allowed us to steal our Google, Facebook, Twitter or Flickr accounts with a double click. No more
To achieve that attack was recommended to go to the extension HTTPS Everywhere, which allowed to ensure that the pages we visited were using the HTTPS protocol and activated that version (when it was still optional) instead of the conventional HTTP protocol. The tool ended up having an Android version called Faceniff that took advantage of that same problem, and that demonstrated how easy it was to exploit vulnerabilities in WiFi networks open publicly.
You may also like to read: Why and how to change the name and password of your home WiFi network
Quick tips when using public WiFi networks
If for some reason you need to use those WiFi networks and you want to try to avoid those dangers, at least you can take some quick precautions. For example, not automatically connect to these WiFi networks every time your mobile device or your laptop detects them. In Windows, for example, it is important to indicate that this connection is to a public network (and not work or domestic) to prevent our shared folders and resources from being available to other users in the network.
It is also a good idea not to use mobile applications with sensitive information if there are web versions of those services. In that case it is advisable to access these services with a browser -for example, the Facebook website- to make sure that the protocol used on that page is HTTPS before entering our credentials.
Even using HTTPS connections, ideally, do not do banking or consult sensitive data (for example, medical analysis) if we connect to these WiFi networks. In those cases it is always better to wait for a reliable connection (for example, our share of mobile data in 3G / 4G networks) to access such services.
After using these services in the public network, it is also highly recommended to close the session of the services used so that there is no “residue” of our connection to these websites. Deactivating shared files and folders is a good idea, and it is also interesting to turn off WiFi or Bluetooth connectivity when we no longer need them.
VPNs, the best defense mechanism when connecting to a public WiFi
However all these measures are small patches for a problem that has a solution in virtual private networks or VPN. This type of service offers us a point-to-point virtual connection that acts as a kind of private tunnel between both ends of the communication, one that a cyber-attacker will hardly have access to.
When choosing a virtual private network, yes, the offer is so wide that it can confuse users . There are a good number of providers of free VPNs, but some of them have been shaken by the scandal, as was the case with Hola, the service that sold the bandwidth of its users to third parties.
It is therefore advisable to use a payment VPN that also guarantees certain options: for example, that there is no record of usage activity and no record of connections or that strong encryption is used in the connections.
In this list of features it is also relevant that the service has global coverage and a good number of servers to connect to. In fact, not being in countries like the United States is usually a plus for many because of the activity of the NSA. The possibility of paying with bitcoin or other cryptocurrencies to guarantee greater anonymity and the support of P2P protocols is also striking for many users of this type of connection.
All these elements help our sessions to be much safer in any scenario (including our own home or our office), but precisely for that encryption and establishment of a private channel is why we use a VPN in our mobile or laptop when we connect to a public WiFi is so recommended.