South Africans who want to browse the web or access online services for work or entertainment while using a public Wi-Fi network are cautioned to take extra care to protect themselves from malicious hackers.
As public Wi-Fi is often offered for free or at a low cost, it provides a great way to use the Internet while out and about, without running up exorbitant mobile costs.
These hotspots can be found in a wide variety of locations – including restaurants, bars, hotels, airports, and other transport hubs.
There are even a number of government initiatives which offer widespread free Wi-Fi coverage across cities like Johannesburg and Pretoria.
However, whether due to negligent security setup by the businesses or entities which provide these services, or smart tactics used by malicious parties, these networks are vulnerable to attack.
Not taking the necessary measures to secure your computer and your online activities could expose sensitive information – which could come at a great personal or financial cost.
To understand how you can protect yourself, it is important to get an idea of the two main ways in which hackers typically carry out attacks on public Wi-Fi networks.
Types of attacks
The first is the man-in-the-middle attack – which involves a hacker deploying sophisticated techniques and files to computers connected to the same network in order to intercept communications or deploy malware.
This usually occurs when the Wi-Fi host has not taken the necessary steps to secure the network and its router with the proper security settings and updates.
The second type of attack sees the hacker creating a “spoof” Wi-Fi hotspot which pretends to be offered by a legitimate business or entity.
When a user connects to this network, the hacker can view and track the data that they input, in addition to infecting the device with malware which could maintain a presence long after the user disconnects.
Verify the network
Firstly, it is best to ensure that the network you connect to is indeed the one hosted by the business or other entity. Do not simply assume that a network with the same or a similar SSID is the right one.
Ask a patron or manager for the correct name and verify that the login process matches with the details provided. For example, if it requires a password, but the Wi-Fi hotspot you can see using the same name does not, this should be a big sign of danger.
For peace of mind, you could also ask for the offering IP address, and see if this matches the network you are trying to connect to.
Disable file sharing
Network connections typically allow for file and folder sharing between the various connected devices.
As you likely would have no need to share files with any of the strangers in the public area around you, you should turn this feature off.
In Windows 10, these can be found under the Advanced Sharing Settings option in the Network and Sharing Center of the Control Panel.
Mac users can navigate to System Preferences, Sharing, and uncheck all options under the Services tab.
Use a VPN
A Virtual Private Network (VPN) service effectively acts as a private tunnel between your computer and the web server, making it one of the most secure options for browsing the web on a public network.
VPNs encrypt your data traffic, meaning it will not be visible to hackers and they will be unable to access your information or online activities. In addition, it allows you to hide your location by providing an IP address which is mapped to another country.
It is important to note that the quality of VPNs can differ greatly, and it is highly recommended to use a reputed, paid-for service as opposed to a free VPN that likely uses your own information to generate revenue or provides inadequate protections.
Current highly-rated VPNs include:
- Hotspot Shield
Only visit encrypted sites
Using sites with “HTTPS” at the beginning of the address will also ensure that the connection between your browser and the website is encrypted.
This offers an extra layer of protection to hide your data and activities from malicious attackers.
Any data submitted on an encrypted site will not be susceptible to access or tampering.
Certain browsers will indicate a site is HTTPS-encrypted with a padlock symbol at the beginning of the address.
Keep the firewall enabled
Despite not being able to provide total protection, it is recommended to keep your firewall turned on to prevent unauthorised external access to your system.
Firewalls actively monitor data packets from networks to check whether they are safe.
Malicious data packets will be blocked by the firewall, securing the integrity of a computer or network and protecting users’ data.
Although a firewall does not guarantee complete defence from attacks, it can serve as an additional barrier to shield your device from data-based malware threats.
Use an antivirus
A good antivirus program will be able to detect and alert you if malware or other malicious files have made its way onto your device while you were using a shared network.
It is essential to use a trusted program – like Kaspersky or Windows Defender – and to keep these updated with the latest definitions to be able to identify newer threats quickly.
These applications can also help you get rid of malicious files and clean your system in the event that it was compromised.
Secure your accounts
Common best-practice principles for keeping your online accounts safe can provide the last line of defence in instances where your private data may have been exposed and could be used to access your accounts.
These include using sophisticated passwords consisting of various different types of character, not repeating these credentials for numerous sites, and activating two-factor authentication.
In addition, it is not recommended to use public Wi-Fi for accessing key online platforms like banking or
Watch out for prying eyes
As a general rule for using your computer in public, be certain that no one is peeking over your shoulder to see what you are typing.
Eagle-eyed criminals may be able to note your login names and password or simply view personal information or media.
Wednesday, December 30, 2020