Free Wi-Fi: Is It Safe?

October 13, 2016 / By: Educause Security Matters Blog - Francisco J. Tamez Cavazos

Connecting to the Internet has become a necessity, part of our routines and daily lives. Who doesn't use Wi-Fi at their favorite coffee shop or in public parks while enjoying refreshments? Who doesn't use Wi-Fi in airports when traveling? Most of the time you will have a terrible signal on your phone, and hey, since Wi-Fi is free, why not connect and forget about your mobile data plan? Just enjoy the experience—search for those items on sale at your favorite retail website, check your bank account, or even log in to your web camera at home to make sure everything is fine while you are away.

Business travelers also take advantage of perks like free Wi-Fi at hotels in order to review files stored in the cloud or check their e-mail. According to a Kaspersky Lab survey of international business travelers, three out of four people connect to free public Wi-Fi services when abroad, and 82% of travelers connect to free but unsecured Wi-Fi networks in public places such as airports, coffee shops, and hotels. Unfortunately, this common practice may put travelers at risk: the survey also states that 30% of senior business managers have been the target of cybercrime while traveling abroad.

Stop Think Connect
The first weekly theme for National Cyber Security Awareness Month (NCSAM) states that "staying safer and more secure online starts with STOP. THINK. CONNECT." Anyone can follow this simple, actionable advice. "STOP: make sure security measures are in place. THINK: about the consequences of your actions and behaviors online. CONNECT: and enjoy the Internet." Even though it is convenient to connect to free Wi-Fi in coffee shops, libraries, airports, and hotels, most of the time these services are not secure, and the information that you send through websites or mobile apps might be accessed by someone with bad intentions. The most typical cyberattack in this instance is the famous "Man-in-the-middle attack," which occurs when the user connects to free Wi-Fi, unaware that the traffic is being decrypted and reencrypted by the hacker. In other words, the user thinks it is safe to connect and browse the Internet, but it is not safe—the attacker is watching that person's every move online.

The Federal Trade Commission (FTC) offers five tips for using public Wi-Fi networks and protecting your personal information:

  1. How Encryption Works
  2. How to Tell if a Website Is Encrypted
  3. What About Mobile Apps?
  4. Don't Assume a Wi-Fi Hotspot Is Secure
  5. Protect Your Information when Using Public Wi-Fi

Additionally, this student-created PSA video recommends following these four steps while connected to a public network:

  • Turn Internet sharing "Off"
  • Enable your firewall
  • Use SSL protocol
  • Turn Wi-Fi "Off" when not using it

If you are traveling for business and want to check on your kids through your web camera by connecting to free public Wi-Fi, STOP, THINK, and then CONNECT. When you connect to a new Wi-Fi hotspot, your computer will ask you to choose between public, home, or business Wi-Fi. These options have different types of security and privacy settings. When you select Public Wi-Fi, you might get attacked, so the best solution is always not to connect to any free Wi-Fi. Perhaps you should instead watch movies you have downloaded to your tablet or read a book on your smartphone. If you need to connect to a free Wi-Fi hotspot to check your business e-mail, browse the Internet, or transfer bank balances, use a virtual private network (VPN), which will allow you to encrypt traffic between your computer or mobile device and the Internet—it's much safer than using free but unsecured Wi-Fi networks while you're away from home or the office.