6 ways to keep secure on public WIFI

Bottomless Wi-Fi anyone?

If you follow me on LinkedIn, you may have seen my recent post of a picture from my holiday. There I was, sitting in a bar in Mallorca, sipping away on sangria, when I clocked the bar’s Wi-Fi password.

‘COCKTAIL’ was hung in all caps for everyone to see.

One word, no symbols or numbers… a threat actor’s dream and a nightmare for someone in the cyber security industry.

As a big fan of a bottomless brunch and thinking back on the countless times the girls and I have connected to a bar’s Wi-Fi to get our latest boomerang for Instagram, it got me thinking about the security of public Wi-Fi networks.

Just like the girls and I desire a bottomless brunch for the price tag (£30 for a meal and unlimited alcohol for 90 minutes, a barg!), threat actors want us to connect to public or insecure Wi-Fi networks to gain access to unsecured devices on the same network.

A threat actor can position themselves between your device and the Wi-Fi point, this is known as a Man in the middle (MitM) attack. While you may think your harmlessly connecting to the Wi-Fi in a bar, new company, free public Wi-Fi, etc you in fact could be sending your information directly to an attacker and putting it in to the wrong hands. How many times have you done a clothes shop (credit/debit card details), sent an important work email (private information), logged in to an important account (password) while connected to a Wi-Fi you never have before?

Companies share their Wi-Fi network names to help clients connect and improve the user experience, but as mentioned above, threat actors can clone this network and use it to perform MITM attacks and intercept sensitive data. If a threat actor successfully collects the data, they can then access accounts, systems, etc as if they were you.

I know the above may seem scary and negative so let’s get to the good news, especially as nobody wants to feel sad while discussing cocktails! While there are risks, you don’t have to avoid unfamiliar Wi-Fi networks forever! As with all threat actors, they’re looking for mistakes and easy targets (low hanging fruit).

Here are some steps you can take to be cautious and to protect yourself:

1) Multi factor authentication (MFA) gives you another layer of security. Make sure you’re using it, where available.

2) Stick to using 4G/5G, it may be slower and eat in to your data plan BUT you will be protected from MitM attacks on the Wi-Fi.

3) Consider using a VPN to protect your internet traffic being intercepted on public Wi-Fi.

4) Don’t perform any kind of sensitive transaction on public Wi-Fi. Want to post a selfie, pornstar martini in hand, during your brunch? Go ahead. Want to Google directions to the next bar? Go for it. Log in to your banking app to transfer some money? Hell to the no.

5) Turn off airdrop.

6) When you don’t need Wi-Fi, ensure it’s turned off.

Moral of the story – like I proceed with caution when ordering a long island iced tea (which contains no less than 5 spirits, btw) keep the same energy when connecting to any new Wi-Fi networks.

If you’re looking for an expert team to show you where your vulnerabilities are to enable you to instigate a more proactive security strategy, then get in touch with us at sales@cognisys.co.uk and we’d be happy to help!

Subscribe to receive the latest cyber insights

RECENT UPDATES

In Parallel achieves ISO 42001 at breakneck speed

CASE STUDY

In Parallel achieves ISO 42001 at breakneck speed

Learn how we helped In Parallel achieve their ISO 42001 certification, boosting their market credibility.

The biggest cyber attacks and vulnerabilities from September 2024

NEWS

The biggest cyber attacks and vulnerabilities from September 2024

Insights and trends from recent cyber threats and vulnerabilities from September.

IT manager using SmartScan to prioritise vulnerabilities, organising tasks based on severity to enhance security efforts.

BLOG

What is vulnerability management?

In this blog, we discuss what vulnerability management is, the lifecycle from discovering weaknesses to prioritising, resolving, and continuously improving defences to minimise cyber risks.