How Do You Protect Your Data When Using Public or Guest Wi-Fi?

Being connected to the internet has become a necessity these days, as the need to be “always on” continually increases. Checking emails, posting updates on social media, connecting with other people, and catching up with work have become a routine for most people.

It is a good thing that free Wi-Fi is available almost everywhere — in cafes, libraries, government buildings, malls, schools, airports, train stations, and almost every public place. Wi-Fi hotspots have made it possible for people to connect to the internet outside their home. And it’s free, so why not?

Mobile data is expensive. So if your plan doesn’t include a huge data allowance, using free Wi-Fi is a great idea.

However, most people are not aware that connecting to a public hotspot involves some security and privacy issues. Connecting to a public Wi-Fi network without a VPN can make you vulnerable to various online attacks, including data leaks, activity monitoring, identity theft, computer hijacking, and bandwidth throttling.

What Are the Security Risks When Using Public Wi-Fi?

Most people think that using public Wi-Fi is just like using your own home network. This is actually far from reality. With your home network, you have to type in your Wi-Fi password every time you want to connect. This somehow gives you a bit of protection against online attackers, as well as preventing your neighbors from piggybacking off your internet connection. Protecting your home network with a password also encrypts your data and protects it from eavesdroppers.

Here are some of the security issues you might experience when you connect to a public hotspot:

  • Public Wi-Fi is a free-for-all.By default, most public Wi-Fi networks do not require a password. Because of this, everything that goes through them is not protected. Anyone with basic hacking skills and the right tools can view your browsing history. They can also easily intercept messages and emails you sent out, gain access to your files, and even view your passwords. This is true for all public Wi-Fis. Whether you’re using a school Wi-Fi network or leeching off the free Wi-Fi from a cafe nearby, the amount of risk is the same.
  • Public Wi-Fi can be a vehicle for spreading malicious software.Even if there are no hackers purposely targeting you, you’re still vulnerable to security issues caused by the people connected to the same public network as you. Having the latest antivirus is not enough because viruses or malware could silently spread from other people on the network to your device.It’s a good thing SSL encryption has been invented. By using this protocol, Wi-Fi snooping has become more challenging because websites are now using a secure web standard to protect their visitors. So make sure that you’re accessing the HTTPS version of the website you are visiting so that other users, particularly hackers, won’t be able to view your personal data. Even if they are able to track your browsing history, they won’t be able to see your login details and other information because the website is protected.Using SSL is one of the ways to protect your privacy when using a public Wi-Fi network. But this protocol is not foolproof. In fact, SSL can easily be bypassed by hackers using a single method, which will be discussed further below.
  • Public Wi-Fi networks are vulnerable to SSL stripping.HTTPS stripping is one of the most common security threats to public Wi-Fi users. This scenario was presented by an online security expert named Moxie Marlinspike during the Black Hat DC event in 2009. You might think that visiting an HTTPS website is secure, but you might already be a victim of a stripping attack. This method uses an SSLstrip tool to hijack the HTTPS traffic on your public network, then redirect it to the HTTP version, where the hacker can easily access your information.Users who do not include https:// when typing the address of the website they are visiting are the most at risk of encountering this attack. Some users just type in the domain of the website, then hit Enter, without knowing that they’re being redirected to the insecure HTTP site. Most websites redirect the users back to the HTTPS version, but SSLstrip interrupts that redirection and sends the user back to the non-safe HTTP site, where the hacker can view all the user’s information in plain sight.Using SSLstrip is not an easy feat because it requires advanced hacking skills and knowledge of Python programming. But with tools like Wi-Fi Pineapple, stealing user information on public Wi-Fi networks has become so much easier. This Wi-Fi Pineapple tool, created by Hak5 in 2008, was designed for pen testers to reveal the vulnerabilities of a certain network. But the device proved to be so effective that it has also become popular among hackers. With this tool, data theft has become a breeze.How does it work? The hacker usually spoofs a public Wi-Fi network and routes the user through this bogus connection with a fake router. That way, the attacker can force the user to visit websites infected with viruses, adware, keyloggers, and other malicious software. Once the device has been infected, the hacker can steal data, hijack the computer and ask for ransom, or even totally brick your device. The scary part about this tool is that it is so easy to use; even newbies can use it.

Hackers, these days, no longer need advanced technical knowledge or experience to be able to steal your information. Sometimes the users’ laziness or unawareness should be blamed for security breaches. For example, forgetting to change your Windows sharing settings when connected to a hotel Wi-Fi network allows other users to access your shared files. And if your shared folders are not encrypted, it’s just like you’re giving away those files for free.

Encrypting your files and setting up a password for your shared folders is a simple yet effective way of protecting your data. As hackers are getting more creative in designing ways to steal information, it is all the more crucial to be wary and aware at all times.

Firesheep, for example, was a Firefox extension released in 2010 to demonstrate how attackers can hijack login sessions on websites that do not encrypt the cookies during login. Most websites only encrypt the login details but not the login session cookies, unaware that these cookies contain information regarding the identity of the user. Hackers then intercept these unencrypted cookies and extract the personal data of the user. Once the information has been collected, the Firefox extension displays this data in the sidebar for future use. The hacker just needs to click the name of the user, and they can automatically take over the account.

Some hacking tools are even compatible with mobile devices, which allows them to do their dirty work on the go. One common trick is to set up “honeypots” or fake networks named after legitimate networks. Users connect to these networks thinking that they’re connecting to a Wi-Fi network from a legitimate establishment, when in fact, they have already fallen into the hacker’s trap.

What Are the Risks of Connecting to a Hotel Wi-Fi?

Most hotels have their own Wi-Fi networks, particularly the high-end ones. The first thing visitors do after arriving at the hotel is they connect to the hotel Wi-Fi. But, connecting to a hotel hotspot is not always a good idea. These networks have very lax security and are vulnerable to attacks. With so many users connected to the network, hackers can just stay in any of the rooms and harvest information from unaware hotel visitors.

Most hotels are also equipped with the same security hardware, making the job a lot easier for hackers. For example, in 2015, security experts found out that more than 277 hotels across the globe are vulnerable to online attacks. The investigation showed that they were using the same device to set up a guest Wi-Fi connection, which turned out to be vulnerable to hackers.

ANTlab, the device in question, addressed the threat quickly by releasing an update for the device’s software. Unfortunately, the patch has to be installed manually, so there’s no telling whether all 277 hotels were able to update their software. So whenever you check into a hotel, don’t trust their Wi-Fi network.

This rule is particularly helpful for business executives who often stay in hotels for their meetings, conferences, and other events. This is where it pays to be extra cautious. For instance, DarkHotel, a type of malware targeting business executives staying in Asian hotels, was detected by the security company Kaspersky Lab. DarkHotel is spear-phishing spyware designed to attack business leaders checked into the hotel using the hotel’s Wi-Fi network. When the user connects to the hotel hotspot, a prompt appears asking them to update their messenger, flash player, or other software. The malware is downloaded and installed along with the update, giving hackers access to the data from the business executive’s computer.

Wi-Fi Security for Business Networks

Company Wi-Fi networks are not totally safe from hackers. The vulnerability lies in the guest Wi-Fi network, which is often left unprotected so visitors can easily access it. What companies don’t realize is that this guest network leaves the employees, visitors, and clients vulnerable to attacks as well. Unfortunately, security experts have yet to find an effective solution that would encrypt guest Wi-Fi networks.

Visitors and even employees who connect to the guest Wi-Fi network are vulnerable to various forms of threats, including eavesdropping, password theft, man-in-the-middle attacks, and others. To provide some semblance of protection, some companies use routers that set up a portal page through which the connection is filtered. But this method just opens the network to more vulnerabilities.

Some routers, such as Belkin and Linksys, use the HTTP protocol instead of the secure HTTPS version, causing various risks for their users. Using HTTP means that anyone eavesdropping on your internet connection will be able to see your login details and other information as you type them in.

There are also some Wi-Fi networks that are still using the old Wired Equivalent Privacy or WEP protocol. This privacy protocol can be easily bypassed; that is why most businesses are now using WPA and WPA2 protocols

How to Minimize Risk When Using Public Wi-Fi

There’s no such thing as being entirely safe or unsafe when connecting to public or guest Wi-Fi networks. These free Wi-Fi networks could be your lifesaver when you run out of mobile data or when you need to post a quick update on your social media. The most important thing is that you are aware of the risks and that you employ other security measures to avoid getting your data stolen.

Here are some ways to minimize the risk when connecting to a public hotspot:

1. Know the exact name of the Wi-Fi network.

To avoid connecting to a honeypot, always ask the name of the network you should connect to. Fake networks are usually labeled as if they are legitimate to trick visitors.

2. Edit your sharing settings.

When you’re on a public Wi-Fi network, make sure to check your sharing settings. Most users don’t even know about this setting, allowing themselves to fall victim to hackers.

To set up your sharing settings on Windows 10:

  1. Click Settings from the Start menu, then go to Network and Internet > Sharing options.
  2. Click Turn off network discovery, as well as Turn off file and printer sharing.

On Mac:

  1. Navigate to Apple Menu > System Preferences > Sharing.
  2. Uncheck the things you do not want to share to your network, then save your new settings.

3. Turn on your Firewall.

Your computer’s Firewall should always be turned on, except when you’re troubleshooting issues that require the feature to be turned off temporarily. When you turn off your Firewall, make sure to switch it back on immediately after you’re done with what you need to do.

Keeping your Firewall turned on can sometimes be annoying, but it is necessary in preventing attackers from getting access to your computer.

To turn on your Firewall on Windows 10:

  1. Click Settings > Update & Security, then choose Windows Security.
  2. Click Firewall & network protection.
  3. Switch on Firewall for your computer’s Domain Network, Public Network, and Private Network.

If you’re using a Mac:

  1. Go to System Preferences > Security & Privacy.
  2. Click on the Firewall tab, then click the lock icon to make some changes to your Firewall settings.

4. Update your apps and operating system.

Whenever a new update becomes available for your programs and operating system, install it immediately. These updates usually contain fixes to known vulnerabilities in your system and help make your computer run smoother. Some malware also tricks users into downloading fake updates for certain software and thus infects their computers. If your system is updated, you won’t fall victim to these traps anymore.

5. Always use the HTTPS version of the website.

It is so easy for hackers to harvest your information when you’re using the HTTP version of the website. So when you type in the web address, make sure to include HTTPS. If the browser leads you the HTTP instead of the HTTPS site, be wary.

You can also bookmark websites that you visit frequently to make sure you don’t go astray. Another option is to use tools such as HTTPS Everywhere that force browsers to use the HTTPS version of the site and use SSL encryption.

6. Take advantage of two-factor authentication features.

Two-factor authentication is one of the newest ways to protect your online accounts from unauthorized access. Major websites such as Gmail, social media, and online banking sites now require you to input a special code to continue with your login. This time-sensitive code is sent via email, text message, or voice call. So if somebody else uses your account and logs in from a different location or device, the login has to be confirmed using the code sent to you. Otherwise, the login will fail.

7. Do not access financial websites on a public Wi-Fi network.

If you can, don’t log in to your online bank account or use your credit card to purchase when you’re connected to a public Wi-Fi. Use your home internet connection to pay your bills or access your Paypal account.

8. Invest in a reliable VPN.

The only way to protect your data when using a public or guest Wi-Fi network is by routing your connection via VPN. Choose a VPN that is reliable, secure, and incapable of logging your online activities. To know your options, check out VPN Review Pro to choose which VPN suits your needs.

How to Use VPN to Improve Public Wi-Fi Security

Virtual Private Networks or VPNs let users connect securely to the internet via a secure server. All internet traffic goes through that server, where all data is encrypted and protected from eavesdroppers. Attackers will only be able to see random characters and won’t be able to make sense of them.

How secure is a VPN? Depending on the level of encryption and other security methods employed by your VPN provider, using a VPN is pretty much secure. When you connect via VPN, a digital tunnel is created from your computer to the VPN server. Your encrypted data is sent through this tunnel in packets. Each packet contains a piece of your data, the encryption protocol, and your IP address. Basically, using a VPN means sending packets of data inside another packet through a secure digital tunnel. You can never get more secure than that.

VPNs also employ encryption protocols to prevent hackers from deciphering your data. This is usually dictated by the VPN provider you are using. Using the highest level of encryption is necessary, especially if you’re connecting to risky networks such as public Wi-Fi or guest Wi-Fi.

Here is a list of popular encryption protocols, how they work, and what level of security they provide:

  • Point-to-Point Tunnel Protocol (PPTP) – Most VPN providers support this protocol, but it is no longer recommended because PPTP is already outdated. PPTP does not actually encrypt your connection but encapsulates it instead using a Generic Routing Encapsulation tunnel. But the encapsulation process is not totally secure and slows down the internet connection speed instead.
  • Layer 2 Tunnel Protocol (L2TP/IPSec) – This protocol is the descendant of PPTP, but with a higher level of security through IPSec encryption. It is also supported by major VPN services.
  • Secure Socket Tunnel Protocol (SSTP) – This protocol uses SSLv3/TLS encryption and is one of the newest solutions on the market.
  • OpenVPN – This is one of the latest and most widely used protocols today. It uses OpenSSL encryption and is maintained by the open-source community.

Perks of Using VPN for Public Wi-Fi

The main role of a VPN is to protect your data when browsing the internet. But aside from that, there are other extra benefits to using a VPN, especially when you’re on a public network:

Using a VPN allows you to:

  • Bypass website restrictions – Using a VPN masks your true location and blurs your online activities. This allows users to access otherwise restricted websites on the network. If you’re in school or at work, you can access social media, stream videos, and visit restricted websites without your administrator even knowing about it. This also works for countries that impose censorship on internet usage.
  • Access geo-restricted content – When you connect to a server located in a different country, you are automatically assigned a new IP address that matches the server you connected to. So if you want to watch Netflix USA, all you have to do is connect to a US server, and all your favorite US flicks will become available to you.
  • Browse anonymously – Whatever activity you do online, whether you’re browsing or streaming videos, you always leave a trace. Your IP address and other details are usually tracked by the websites you visit, including the length of your stay. When you use a VPN, your identity is hidden because your connection is encrypted. Even your ISP provider won’t be able to track your activities or monitor you.
  • Faster internet connection – When you are consuming too much data, ISPs will most likely throttle your internet connection. This happens whenever you stream videos, play online games, or do data-heavy activities online. Using a VPN prevents your ISP provider from spying on you by hiding your online activities. So you can stream and play all you want without being blocked by your internet provider.

Using a VPN indeed has a lot of benefits. But is it possible to get free Wi-Fi? There are many perks to using a VPN, but free Wi-Fi is not one of them. You need to have an existing network to connect to in order to use a VPN.

Bottom Line

VPN is not a new technology. In fact, it has been around for quite some time. But most users do not understand what it is and how it works, so they are hesitant to jump on the bandwagon. Some users are even asking, is VPN legal? Of course it is.

But you have to remember that the degree of protection you get depends on the VPN service you subscribe to. Each VPN is different. Research first which VPN is best for PC before settling down with your choice. If you use a free VPN, don’t expect too much from it. If you really want all-around, reliable protection, invest in a paid VPN service.