Think twice before you connect to that free WiFi network — and then think again. Connecting to a public WiFi network in an airport or elsewhere is now nearly a reflex, but tech and security experts agree it's not without risks.
Shaun Murphy is CEO of a digital security company called PrivateGiant. It's latest effort is an all-in-one encrypted messaging solution called Sndr, which comes out at the end of this summer. Murphy tells us that connecting to an unsecured network can have lasting negative repercussions when that network looks like something it is not.
“We’re located right by Disney in Orlando, and tourists of course want to check their email and browse the Web,” says Murphy. “We started to see a threat where people might be using a device that pretends to be a free WiFi access point. When you connect to it, it looks like you’re online per usual, but what you’re actually doing is connecting to a device that captures your data, like usernames and passwords, and can change the data going back to your phone.”
A WiFi network is ultimately just a bunch of radio signals, and radio signals can be easily spoofed to look like something else. “Rogue access points” are those that welcome you to use an unsecured Internet, then capitalize maliciously on that very lack of security. They might do a variety of things, from recording and capturing all your online activity to changing and manipulating any data that you might request. For example, if you download and install Pokemon: Go while connected to a hacker’s fake WiFi network, you may unwittingly be installing malware at the same time — something that accesses your photos or lets a stranger listen to your device’s microphone. It happened during the Sochi Olympics. Creepy.
Murphy says that over the course of the next five to 10 years, the general public will become much more concerned with this level of security and identity validation. Why wait until then to form the habits that can keep you protected today?
“There’s no totally secure way to do free WiFi today,” Murphy says. But a little bit of knowledge and prevention goes a long way. Here’s what you need to know and consider when connecting to public WiFi in the future.
- Know the levels of network security.
For obvious reasons, a no-password-required network is the least secure. If a network requires you to ask someone for a password, you’re better off using that one.
- Verify the network and password with a trusted source.
Maybe it’s a barista or librarian or an airline employee you need to ask. Maybe the password is written on a sign on the wall. However you confirm WiFi information, make sure it passes some level of common sense, and not just coming from the dude sitting next to you.
- Be mindful of which networks you connect to and which activities you conduct while connected.
Beware of the mysterious free WiFi in unlikely locations. If and when you do use it, avoid logging into your bank account, Facebook profile, or anything requiring your password or other sensitive information.
- Change passwords often.
You've heard it before, and that's because it's extremely important. Make this a habit regardless of your public WiFi habits. Prevention is key, so make use of password tools like LastPass and 1Password to generate solid passwords that you’ll never have to manually remember.