Continuing our series on cyber security following the two-part blog on digital signing, this is the eighth post which hopes to enlighten users on how to safely tread the open WiFi zones in public areas.
Free WiFi hotspots, which were a luxury some time ago in India, have become the norm nowadays. With the Indian government aiming to take the Internet to last tier cities, towns and villages it is only a matter of time before we are encapsulated in WiFi zones everywhere. This is aimed at bringing the wealth of information available on the internet to the masses. However, the omnipresence of WiFi could attract a great deal of sniffing and eavesdropping.
Open WiFi hotspots, though meant for the greater good, could become the medium for information security mishaps. Any data sent to an unprotected network could easily be monitored using packet or network sniffing applications by a hacker with malintent.
When using an open WiFi hotspot the network traffic between your device and the router is not encrypted, as opposed to using a home WiFi connection which should usually be secured by a passphrase which encrypts the traffic and shields it from eavesdroppers. Hence in an open WiFi connection, any data you send to the router is sent in a visible form and can be snooped upon by using packet or network sniffers. Imagine someone filling out details to an online form; the data submitted could fly across as plain text and can be easily grabbed off the air.
It is advisable to avoid using internet banking and online shopping portals, and communication apps when connected to an open WiFi. Also, it is advisable to turn off network sharing, in the case of laptops, since they could be accessible to people who are connected on the same network, and if the shared resource has no authentication then it would become an easy target for intruders.
A user needn’t explicitly open an app (with a potential security loophole) on his or her mobile device to expose its security hole. Most apps today keep looking for an active internet connection either to push or retrieve notifications thereby exposing its security lapse on an open WiFi connection. It is therefore advisable to restrict background data when on an open WiFi network.
Of course one cannot totally dismiss an open WiFi connection as inherently unsafe. It would be user-practices that make it safe or unsafe. For those who are totally dependant on an open WiFi network, they could choose to use a VPN application thereby securing their communication with the network within a secure channel, and decide to post content only to websites that are signed and secure.
Images were courtesy of:
K7 Threat Control Lab
If you wish to subscribe to our blog, please add the URL provided below to your blog reader: https://labs.k7computing.com/feed/