15 October 2020
In this Room 228 Newsletter we take a look at some of the risks associated with using public Wi-Fi in your personal and business lives. Whilst recently looking for useful online precedents, a bowers.law corporate / commercial lawyer chanced across a very helpful draft stock option plan for a well-known international luxury brand business which had obviously been worked on by a magic circle lawyer on public Wi-Fi in a co-working space, and so was publicly available for the world (and our lawyer) to read. Don’t let this happen to you!
In today’s day and age (and especially with extensive remote working) where our phones, tablets and laptops are our livelihoods, public access to free Wi-Fi is a godsend. Despite the convenience of being able to access these Wi-Fi points, there are many risks associated with doing so if you don’t ensure that the network you are connecting to is safe and genuine. Seeing as many of these Wi-Fi networks do not require any authentication before you can connect, there are many ways for cybercriminals to take advantage of these open connections to gain access to your mobile devices, and the (potentially sensitive / confidential) information stored within them. Here are a few ways in which you could be exposed.
Man-in-the-middle attacks
Man-in-the-middle attacks occur when a cybercriminal essentially eavesdrops on any communication that is incoming or outgoing to and from your device. Cybercriminals get in between these communications, which means that any private or confidential information you might have received or sent out is no longer private or confidential.
Unencrypted networks
An encrypted Wi-Fi network means that the information that is sent from device to router takes the form of a secret code. Typically, secure Wi-Fi access points such as those in the workplace or at home are encrypted so that incoming and outgoing traffic is protected. Without an encrypted Wi-Fi network, your information may be intercepted. Wi-Fi networks that aren’t encrypted often serve as platforms for cybercriminals and hackers not only to intercept information, but also to introduce harmful software that may affect your mobile devices. This leads on to the next potential risk of using public Wi-Fi.
Malware distribution
Who hasn’t got annoyed by those little pop-up windows appearing on our screens that prompt us (yet again) to update our software! However, those little reminders are there for a very good reason – to cure any software vulnerabilities which may exist on our devices, and which enable cybercriminals to access our devices and to install malware without us knowing. What’s even more alarming is that cybercriminals can inject malware specifically designed to attack particular software vulnerabilities. Malware that is injected into your computer can then allow the cybercriminal to steal data, encrypt your files, or even gain control of your computer.
Snooping and sniffing
Not only are cybercriminals able to infect your device with malware or intercept your information as a middleman, they are also sometimes able to access your device through specially made software kits and devices which allow cybercriminals to monitor everything you have done on your device, view the webpages that you visit, steal your user information and passwords, and take control of the various accounts you access via your device.
Malicious hotspots
Malicious hotspots are fake Wi-Fi access points created by cybercriminals to lure traffic through the fake Wi-Fi network. Once you have connected to a fake access point, the cybercriminals can then access the incoming and outgoing traffic on your mobile device. The traffic can take the form of various types of correspondence, including emails, text messages and instant messages on other social media platforms. Once the hackers have access to this traffic, they can read, steal and manipulate the traffic in any way they like.
Tips for minimizing risks associated with the use of public Wi-Fi.
Although connecting to public Wi-Fi access points is risky for the user, this doesn’t mean that these W-Fi points shouldn’t be used at all. When accessing public Wi-Fi, here are some tips and tricks to keep in mind so that you can minimize your risk of being a victim of cybercrime:
- stay away from Wi-Fi networks that do not first ask you to authenticate
- when using your own mobile data, make sure the Wi-Fi service on your mobile device is turned off
- make sure that your device “forgets” a public Wi-Fi network after use – disable auto-connect
- turn off Wi-Fi and Bluetooth when you’re not using them
- if you have no choice but to use public Wi-Fi, try to use a Virtual Network Provider (VPN’s create a private network which encrypts traffic)
- install up-to-date firewall / anti-malware software and operating system updates on your mobile devices
- do not use public Wi-Fi access points to send or receive sensitive or confidential information or to access any websites that hold your sensitive personal data
- only visit sites using https (https is http with encryption – the s stands for ‘secure’)
- log out of all accounts when you’ve finished your session
- change your passwords regularly
Technology is advancing extremely rapidly, and it is already difficult to keep up with technological innovation as it is. Be that as it may, whether you are a business owner who is sending out confidential information, or a new parent sending photos of the new-born, the information you send out and receive is meant for your eyes only. Implementing these tips and tricks will hopefully help you keep it that way!