Celebrating World Wi-Fi Day 2023 by connecting with all securely. (Source – Shutterstock)
The costly experience of free public Wi-Fi
In today’s interconnected world, Wi-Fi has become essential to people’s daily lives, revolutionizing how they connect and interact. It empowers individuals with seamless communication and access to information, driving digital innovation. World Wi-Fi Day, celebrated on June 20th each year, highlights the significance of this technology and its potential to bridge the digital divide.
While Wi-Fi brings tremendous benefits, it also poses risks. A recent Forbes study reveals that 35% of North Americans access public Wi-Fi networks multiple times a day, resulting in 40% experiencing information compromise at some point. Cybercriminals exploit this platform to carry out malicious activities, continually evolving their tactics.
Apart from that, hybrid and remote workers that are not working at home often end up using public Wi-Fi connections. This includes Wi-Fi in restaurants, hotels, convention centers, co-working spaces and such. These networks not only pose a threat to the devices but could also infiltrate organizations by planting malware in company devices, files and such.
Everyone’s using the network
A recent incident in Qatar raised concerns among hotel guests when Pakistani cybersecurity researcher Etizaz Mohsin discovered a significant flaw in a Qatari hotel’s Wi-Fi system. This shocking find, reported by Al Jazeera, laid bare a vulnerability that exposed sensitive data of countless hotels and guests worldwide.
From his hotel room, Mohsin accessed network configurations of 629 hotels in 40 countries and personal details of millions of guests, including room numbers, email addresses, and stay dates. The breach affected well-known hotel chains in the Middle East and North Africa, spanning countries from Qatar to Bahrain.
Mohsin underscored the insecurity of public Wi-Fi, which provides a fertile ground for hackers to intercept and monitor data, facilitating unauthorized access to critical information like banking credentials and account passwords.
This example is just one of the many incidents that continue to wreak havoc on users using public Wi-Fi. To avoid falling victim to such incidents, users need to be vigilant when deciding which network to work on.
Jetting off for a weekend away? Use a personal #hotspot instead of public wifi. Bon voyage! Read more cyber safe #travel tips: https://t.co/FRakJntSAY pic.twitter.com/0q5gFYcThI
— National Cybersecurity Alliance (@StaySafeOnline) June 14, 2023
Five things to look out for when using public Wi-Fi
Check Point Software Technologies emphasizes the importance of using secure wireless networks to prevent cyberattacks on the 30 billion devices connected through mobile connectivity. This is particularly crucial in the Asia Pacific region, where weekly attacks have seen a significant year-over-year increase, averaging 1,835 attacks per organization in the first quarter of 2023.
Public Wi-Fi has become an indispensable resource for staying connected on the go. However, it’s crucial to be aware of the potential risks that come with using these networks. Here are 5 things to consider when using public Wi-Fi:
Users should avoid connecting to unknown Wi-Fi networks
Cybercriminals often take advantage of the high demand for connectivity in these areas to set up malicious Wi-Fi networks that appear to be legitimate. They also tend to create fake Wi-Fi networks imitating real businesses, making unsuspecting users vulnerable to “Man in the Middle” attacks where personal and sensitive data can be accessed and exploited.
For legitimate businesses like hotels or restaurants, providing free Wi-Fi is convenient, however these networks often lack robust security measures. They are typically unencrypted and easy to join, making them easy targets for attackers. An attacker doesn’t need to control the network to exploit it; they can simply monitor the traffic and extract unencrypted data.
This threat is especially severe when users engage in activities involving the transmission of sensitive data, like making online purchases or accessing bank accounts on unsecured networks. It exposes their financial details and provides potential avenues for identity theft or phishing attacks.
To protect sensitive information, it is recommended to avoid using public Wi-Fi for sensitive activities. Consider using a Virtual Private Network (VPN) or ensure that websites use HTTPS. Prioritizing cybersecurity safeguards your data.
Limit browsing to secure pages
Enhancing online security involves limiting browsing to secure pages that use the HTTPS protocol. Modern web browsers often include built-in features that alert users when accessing unsecured websites lacking an HTTPS certificate. HTTPS encrypts data transmission, preventing unauthorized access.
While browser warnings for unsecured websites provide a level of security, they may be overlooked by users unaware of the risks. It’s crucial to understand that not all HTTPS websites guarantee safety, as cybercriminals can obtain SSL/TLS certificates for their malicious sites. Verifying full website URLs, maintaining up-to-date browsers and antivirus software, and using tools like ad-blockers or browser security plugins provide additional layers of safety.
Remember, the best protection combines technological measures with careful online behavior. This includes avoiding suspicious links, downloads from untrusted sources, or entering personal information unless the legitimacy and security of the site are verified.
Users need to be vigilant when using public Wi-Fi for work. (Source – Shutterstock)
Remain vigilant even when connected to networks considered “secure”
Becoming complacent and less cautious can make users vulnerable to traps set by attackers. Basic cybersecurity measures involve staying alert, thinking before taking action, and avoiding impulsive clicks or data entry compromising security.
Cybercriminals use tactics like phishing attacks to trick users into revealing sensitive data. These attacks masquerade as legitimate sources, coaxing users to click on links, download attachments, or fill in forms that lead to information leakage or malware installation. Advanced malware types like ransomware and spyware can pose threats through simple actions like opening an email or downloading a file.
To combat these threats, adhere to basic cybersecurity measures consistently. Be alert to possible attacks, think before acting online, and avoid impulsive decisions compromising security. Always critically examine emails or messages, especially from unknown sources or those requesting unsolicited information.
Using security tools like antivirus software, firewalls, and keeping software and systems updated adds another layer of defense against common attacks. Cybersecurity is an ongoing process that requires vigilance, skepticism, and adaptation to evolving threats. A moment of caution can prevent potential troubles.
Suspicious emails and messages
Being vigilant about suspicious emails and messages is crucial for online security, as they are frequently used in phishing attacks to steal sensitive information. These deceptive communications pose as legitimate sources, creating a sense of urgency to elicit hasty actions. Avoid clicking links in suspicious emails to prevent access to counterfeit websites or trigger malicious downloads.
Also, refrain from downloading questionable attachments that may contain malware. If an email from a familiar source appears suspicious, independently verify it by contacting the source through trusted means, not the questionable email. Keeping security software up-to-date can help detect and block phishing attempts and malicious downloads, providing additional protection.
Remember, maintaining online security requires consistent vigilance and avoiding impulsive actions.
Avoid using common passwords
Using unique and strong passwords for each account is essential for online protection. Avoid using the same password across multiple accounts, as it exposes all accounts to compromise if one gets breached. Additionally, steer clear of common or predictable passwords like “123456,” “password,” or “June2023,” which cybercriminals can quickly crack, putting users’ accounts at risk.
For secure passwords, use a mix of at least 12 characters, including letters, numbers, symbols, and both uppercase and lowercase letters. This strategy increases password complexity and resilience to cracking attempts. An effective technique is to create memorable but hard-to-guess phrases as passwords, such as “MyDogBarksAt2am!”, enhancing both recall and complexity.
Consider using password managers that generate and remember random, high-strength passwords for each account, requiring users to remember only one master password. This ensures security even if users find password creation or recall challenging. Enabling two-factor authentication (2FA) when possible adds an extra layer of security; even with a user’s password, an attacker would need this second piece of information to access your account.
By following these guidelines, a user significantly enhances their online security. Remember, a little effort in password management goes a long way in protecting their digital life.
Free Wi-Fi displayed at a store (Source – Shutterstock)
Teong Eng Guan, Regional Director, Southeast Asia and Korea, at Check Point Software Technologies, stated that wireless networks are an essential part of today’s digital society, being the main capability responsible for keeping everyone connected.
“Associated with trusted places such as our home or work, we often tend to let our guard down when connecting to and surfing whilst using public Wi-Fi networks. It is imperative to keep cybersecurity measures and senses alert to avoid any kind of risk and for users to be able to surf networks in a safer way,” Eng Guan emphasized.
Empowering connectivity for all
World Wi-Fi Day serves as a reminder of the ever-evolving nature of technology and the need to expand connectivity while bridging the digital divide. In the era of widespread remote and hybrid work, organizations must prioritize robust security measures like a zero-trust model. This approach, operating under ‘trust nothing, verify everything’, helps protect networks from internal threats and unauthorized access. Its implementation involves strategies like multi-factor authentication, micro-segmentation, and least-privilege access.
Regular employee training, prompt system updates, and advanced security tools further reinforce the company’s defense against evolving cyber threats. Let’s celebrate World Wi-Fi Day and reaffirm our commitment to building a future where everyone can thrive in the digital age.
READ MORE
- 3 Steps to Successfully Automate Copilot for Microsoft 365 Implementation
- Trustworthy AI – the Promise of Enterprise-Friendly Generative Machine Learning with Dell and NVIDIA
- Strategies for Democratizing GenAI
- The criticality of endpoint management in cybersecurity and operations
- Ethical AI: The renewed importance of safeguarding data and customer privacy in Generative AI applications