We've all been there, connecting to a public Wi-Fi without giving it a second thought. But did you know that there are more dangers to public Wi-Fi than you might realize? Take a look at the ways you could be opening yourself up to a cyber-attack, all while you sit in your favorite coffee shop.
Man in the middle attacks
A man in the middle attack is a very common threat, especially for those joining unsecured public Wi-Fi networks. A criminal can eavesdrop on you and wait for you to connect to a network, and as soon as you do there are ways they can read, or even tamper with the data you're accessing. This sort of attack can go completely undetected, and if you are accessing something confidential, such as your online banking application, you could be putting yourself at a real risk of having your information stolen. Sophisticated attacks of this type can even work around end-to-end encryption such as HTTPS, via downgrades.
Major UK banks fix app security flaw
An example of how public Wi-Fi and man in the middle attacks could put you at risk is the recent discovery from the University of Birmingham. Customers could have been left exposed and at risk of their personal details being stolen for up to a year. Major security flaws with apps at several UK banks meant that if customers were detected joining a public Wi-Fi network, and then using the banking app, a nearby cyber criminal could gain access to their details and ultimately, their funds. The vulnerability has now been fixed, but it's unclear whether any customers has their details compromised while the flaw went undetected. Find out more about this in our recent perception report.
These hotspots are created by cyber criminals and are designed to look like legitimate networks. So, for example, you could be in your favorite coffee shop, and trying to connect to what you think is their public Wi-Fi network, but instead you're connecting to a rogue network that has an identical network name. Hackers can exploit this weakness to potentially view all the sensitive information you're accessing.
What can you do?
There are a couple of things that you can do to protect yourself from potential attacks whilst using public Wi-Fi. The best way to protect yourself is to never access sensitive information on a public Wi-Fi connection to begin with. In cases where it’s truly unavoidable, always ensure that you only access websites over HTTPS. If your browser is reporting that your connection is not secure, do not continue to access the website. Information about the security of your connection can be found to the left of the address bar in most modern browsers. Also be aware of what networks your devices are connecting to. Never allow them to connect to public networks without your explicit permission. Nettitude can help you learn more about public Wi-Fi and other ways you can keep your business safe, through our Security Awareness Training programme. Contact us today.