Free WiFi is hard to resist: it provides almost limitless convenience and, for a growing class or remote workers, is close to a necessity. This popularity belies the dangers of using such networks. With poor encryption and minimal user regulation associated, free public WiFI leaves users vulnerable to surveillance and hacking.
Unfortunately, a recent survey by Symantec shows that most people underestimate the threats of using such networks. 60% think their information is secure on public networks, despite 53% of users being unable to distinguish secure networks from unsecure ones. Similarly, 55% of users would readily do or exchange something for a strong connection.
If, like most people, you can’t bring yourself to give up public WiFi altogether, don’t fret. You can reach a reasonable level of security on public networks by following a few relatively simple steps. Following a few will reduce your risks, while abiding by all of them will make you a much less likely target—much of cybercrime, after all, targets easy victims.
1) Choose Safe Networks and Connections
There are many ways that establishments can set up their WiFi hotspots. Some leave them completely open, some assign passwords to their signals, and others use login portals.
As much as possible, choose public networks that use WPA or WPA2 security, i.e. those that require a password before you can connect to the network. These networks have encryption built into them. It’s not particularly strong encryption, but it’s better than nothing.
How to identify these networks:
- Mac: secure these are marked by a lock icon
- Windows: unsecured networks are marked by a shield icon with an exclamation point
Networks that use other types of login portals (e.g. those that show up in browser windows) pose varying levels of risk. They’re generally safer than entirely open networks, but make sure the user agreement doesn’t explicitly waive your information’s privacy. Terms of use that prohibit WiFi snooping are a good sign—they may not be enforced well, but they’re something to fall back on if you find that your data has been compromised.
You can further reduce your risk of information theft by sticking to secure website connections. When browsing websites, stick to those with an encrypted connection. You can identify these sites by looking for these in the address bar:
- The closed padlock icon
- “Secure” before the URL
- “https://” at the start of the URL
It can be difficult to identify safe web content when you’re using non-browser apps. Many of them have no visible indicators and don’t encrypt information properly. If you have to use a certain service on a public network, try accessing it through a mobile website instead. The browser will be able to tell you if the site is secure or not.
Alternatively, you could look up the apps you use most often and see if they encrypt data sent through them. Many messaging apps are sensitive to users’ desire for privacy and offer options for message encryption. You can find a number of such messaging apps with a quick search for “encrypted” or “secure” messaging apps.
2) Use Security Software
In addition to hackers trawling the network or running interference, users of public WiFi should also be wary of malware, which can proliferate quickly on unsecured networks. Good antivirus and anti-malware software should form the backbone of your information security. These can stop malicious programs from entering your computer’s system or neutralize them if they manage to get in.
Most antivirus programs today have comprehensive measures for a wide range of malware (of which viruses are just one type). However, some programs focus on emerging or “day-zero” threats. You may want to use one of these in addition to a general purpose antivirus program.
Whatever your setup is, be sure to keep it updated. Security software with outdated virus definitions won’t provide much protection.
Ad blocking technology is also good for protecting your information, as “malvertising,” the practice of spreading malware through online ads, is a common threat. The worst of malverts can trigger even without you clicking on them. Having software that prevents ads from loading at all is the surest way to keep yourself safe.
3) Conceal Your Communication
The best way to protect your information on public WiFi is to encrypt not just your messages, but all information your computer sends out or receives. The best way to do this is through a trusted virtual private network (VPN) service. Connecting to a VPN endpoint sets up an encrypted connection between your device and one of the VPN servers, which protects your data from unwanted surveillance. It also assigns you an IP address based on the server’s location, making it more difficult for other parties to track you.
There are alternatives to using a VPN service. For instance, you could set up your own VPN, though this requires some technical knowledge and has less flexibility than a VPN service. You could also use other anonymity services, like TOR (The Onion Router) Browser. Note that some similar services have been found selling user data to other parties, defeating the purpose of their service; be careful to research them before signing up.
4) Playing It Safe
Ultimately, any time you send information across a public network, there is some element of risk. Hackers, after all, are known for thinking out of the box. So the best way to stay safe on public networks is to avoid sending any sensitive information through them, which means no banking, payments, or similar transactions. Those are best saved for the security of a trusted private network.
Editor’s Note:
From time to time, SensorsTechForum features guest articles by cybersecurity and infosec leaders and enthusiasts such as this post. The opinions expressed in these guest posts, however, are entirely those of the contributing author, and may not reflect those of SensorsTechForum.
