We all know of businesses that offer free WiFi. Our local cafe restaurant, fast food outlet. Airport Lounges. Even the local shopping centre might offer Free WiFi. It sounds great to get something for free but there could be bad actors who are also using that free WiFi.
Because the WiFi is free or complimentary bad actors know that many people will use the Free WiFi network. This makes for easy pickings and with the right equipment software and a little patience they can compromise anyone who connects to the Free WiFi network.
I have WiFi at home. Is it a risk too?
Short answer: it isn’t as risky as Free WiFi. If you have strong passwords and device access controls you are much safer.
Long answer: While all WiFi networks do have security. This security is most effective when it includes passwords and some control over what devices can connect to it. You control what devices are in you home and you control the password. While it is possible to crack a WiFi password, it does take a lot of time to gather enough data to learn the password. Many home routers now know some of the tricks used by network hackers and can counter or block those connections.
While the same principles apply to the Free WiFi routers, the fact is that the Free WiFi password is given away. This eliminates the first hurdle bad actors need to over come. The hurdle of getting onto the network itself.
Now they are on the network. They can sit back, have a coffee and scan everyone’s WiFi data. Capturing it for later analysis or if they are very good, actually grab user names and passwords in real time.
The next weakness is, the people running the Free WiFi network never check what devices or software people are running on their networks. They are not looking for the bad actors.
So we have unknown people given access to the WiFi Network running unknown systems and software. The perfect situation for bad actors to do what they do best.
What are the Bad Actors doing?
They are capturing WiFi traffic and either analysing it in real time or storing it, so that they can analyse it later for user names and passwords to services and sites that people have used while connected to the Free WiFi.
Its surprising how quickly you can be hacked.
With the right kind of Wireless router being used at the Free WiFi location and suitable software it could be possible to obtain usernames and passwords within tens of minutes. While that information will give bad actors access to your accounts it will most likely be a little while before they actually do access your accounts but the one thing you can count on is, if they have your details they will.
Even if they don’t get your passwords straight away it will not take long before your WiFi data has been analysed and any user names and passwords you used will be extracted from that data. We can count that time to be a few hours maximum.
How can you protect yourself?
Here are some simple ways to protect yourself from hackers on Free WiFi networks. We recommend using several at the same time for maximum security.
1) Don’t use Free WiFi. If you never use it, you will not be a target to Free WiFi hackers.
2) Only use the data connection that is included with your Mobile phone service. It is more secure and the hackers cannot see your data. They would need another way to gain access to your mobile device.
If you are using a laptop connect it to your mobile phone. Even if that connection is a WiFi hotspot it is still much more secure than Free WiFi
3) Use a VPN app on your mobile device or your laptop. A VPN will scramble all of your data as it goes out from your mobile device or laptop. This means that the WiFi hackers will only see scrambled data. They will not be able to get anything from it. Maybe your Anti virus provider has a VPN? If not there are several very good 3rd party VPN providers.
4) Use very secure user names and passwords. Make an effort to come up with a strong and reasonably long password. If it looks like scrambled text and not a plain word like your favourite sports team and players number then hackers might over look it.
If keeping track of many complicated usernames and passwords seems daunting there are secure tools that can help you do this. You have to remember to apply high security standards to these tools as well because cracking these tools will give hackers access to all the usernames and password you store in those tools.
5) Don’t use the same password for everything. The second thing hackers are going to do with your username and password is try them on every app or website they know you go to. Chances are you will have one password for several sites or apps. It’s amazing how many people do it.
6) Use 2 Factor Authentication where available. You may already be using this and not know what it is. If your bank requires you to type in a code they send you every time, before you can log into their service, then this is 2 Factor Authentication.
Many other sites have 2 Factor Authentication available and if you have never heard the term before, it’s possible you are not already using it with those apps or sites. Check the help pages for those apps or sites and see what security options they have available.
If 2 Factor Authentication is available it is recommended that you use it.
Some apps and sites like Microsoft, Google and Facebook have 2 Factor Authentication that you can link to other apps and sites you use. This way you don’t have to have multiple 2 Factor Authentication systems to remember, which can be confusing or tedious. Simple and Effective security means you are more likely to use it and stay safe.