Public Wi-Fi: The Double-Edged Sword of Connectivity and Cybersecurity

The appeal of free public Wi-Fi is inescapable in today’s digital world. The ability to connect, work, and socialize from any location – be it a local café, an airport lounge, or a hotel lobby – is a convenience that many have come to rely on. However, this convenience is not without its risks. As the digital landscape evolves, so do the threats associated with public Wi-Fi networks.

Public Wi-Fi has become a staple in our daily lives. With the surge in remote work and the digital nomad lifestyle, the need to stay connected while on the move has never been greater. Yet, a staggering 56% of individuals connect to public Wi-Fi networks without a password, as reported by Forbes Advisor. This seemingly harmless act can expose users to a myriad of cyber threats.

Below are a few attack vectors that cybercriminals can use to access users’ digital information over public Wi-Fi.

  • Evil Twin (Rogue Access Point) – Cybercriminals often set up counterfeit Wi-Fi networks with an SSID (Service Set Identifier) resembling legitimate ones. Unsuspecting users, thinking they’re connecting to a genuine network, inadvertently expose their data to these rogue hotspots. After a user connects to an Evil Twin, all data sent over the network can be seen by the attacker.
  • Man-in-the-Middle (MITM) Attacks – In these attacks, a threat actor on the same public network you connect to intercepts packets sent between your computer and the internet. Similar to eavesdropping, this allows attackers to view and manipulate data.
  • Session Hijacking and Sidejacking – This occurs when the attacker is able to steal a legitimate session ID from a user to “hijack” the user’s session. For instance, a user may log into their bank account on public Wi-Fi. Simultaneously, the attacker will capture the information in the session cookie and use it to impersonate the user after they are done with their banking activity.
  • Login Page Phishing – Some public Wi-Fi login pages may prompt users to enter information to log in securely. Attackers may leverage this in a phishing attack to obtain credentials. For example, an attacker may redirect a user attempting to access a public Wi-Fi point to a phishing page requesting that the user log in through Facebook. If the user enters their Facebook credentials, they are passed to the attacker, who can then use them.
  • Unencrypted Public Wi-Fi – By default, most access points are set up with WPA2 encryption enabled. However, if encryption is disabled on the Wi-Fi access point, information sent over the network can be viewed by attackers connected to the network.
  • Malware Distribution – Attackers can use public Wi-Fi to prompt a user to download or install a malicious program that may log keystrokes, or enable remote access to a user’s computer.

Public Wi-Fi Best Practices

In most cases, the most secure action would be to avoid public Wi-Fi. A low-cost solution would be to connect to a personal mobile hotspot. However, if one must connect to a public hotspot, here are some best practices.

  • Ensure that you are connecting to a legitimate Wi-Fi access point. Usually, this can be confirmed by asking an employee what the SSID for their Wi-Fi is.
  • When connecting to a public Wi-Fi access point, use a VPN to encrypt your data in transit over the network.
  • Disable auto-connecting to Wi-Fi networks.
  • Avoid accessing your personal financial information or work information while using untrusted public Wi-Fi.
  • Only access HTTPS sites to ensure an SSL/TLS connection with the webpage.
  • Enable anti-virus and anti-malware software on your computer.
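
The first best practice above (confirming the legitimate SSID) can be turned into a check over a Wi-Fi scan listing, covering the Evil Twin and unencrypted-network cases described earlier. This is an added example, not part of the original article; the scan records, the function names, and the 0.85 similarity threshold are assumptions made for illustration.

```python
import difflib
from collections import defaultdict

# Constructed scan results (SSID, BSSID, security); not captured from a real network.
SCAN = [
    ("CoffeeHouse_Guest", "aa:bb:cc:00:00:01", "WPA2"),
    ("CoffeeHouse_Guest", "aa:bb:cc:00:00:02", "OPEN"),
    ("CoffeeHouse-Guest", "aa:bb:cc:00:00:03", "WPA2"),
    ("CoffeeH0use_Guest", "aa:bb:cc:00:00:04", "OPEN"),
    ("Airport_Free_WiFi", "aa:bb:cc:00:00:05", "OPEN"),
]

def normalize(ssid):
    """Case-fold and drop punctuation so 'Cafe-WiFi' and 'cafe_wifi' compare equal."""
    return "".join(ch for ch in ssid.casefold() if ch.isalnum())

def assess(scan, trusted_ssid, threshold=0.85):
    """Return {bssid: [reasons]} for entries worth a second look before connecting."""
    security_by_ssid = defaultdict(set)
    for ssid, _bssid, security in scan:
        security_by_ssid[ssid].add(security)

    findings = {}
    for ssid, bssid, security in scan:
        reasons = []
        if security == "OPEN":
            reasons.append("unencrypted")
            # Several BSSIDs per SSID is normal for a multi-AP venue; the same
            # SSID offered both encrypted and open is not.
            if len(security_by_ssid[ssid]) > 1:
                reasons.append("security-mismatch")
        if ssid != trusted_ssid:
            ratio = difflib.SequenceMatcher(
                None, normalize(ssid), normalize(trusted_ssid)).ratio()
            if ratio >= threshold:  # threshold is an assumed cut-off
                reasons.append("lookalike-ssid")
        if reasons:
            findings[bssid] = reasons
    return findings

if __name__ == "__main__":
    for bssid, reasons in assess(SCAN, "CoffeeHouse_Guest").items():
        print(bssid, ", ".join(reasons))
```

A twin that copies both the SSID and the security setting passes these checks, which is why the VPN and HTTPS practices above still apply after connecting.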