Why Free, Public WiFi is NOT Awesome.

The Ubiquitous Mr. Public WiFi
In urban centers, Public Wifi is ubiquitous. It’s everywhere. In less than 20 years, it has proliferated across the US to the point of becoming like a utility. It’s not as easy as before to find populated areas that don’t have it widely available. It’s so available, in fact, there are many people who don’t pay for it. Ever.

A pal of mine who lives in San Francisco is a great example. She has an iPhone but doesn’t have a phone carrier plan for data or voice service. She uses Public WiFi everywhere, makes and receives calls via Skype and Viber and uses the internet freely. It’s entirely possible to sustain that in a city with so much widely-available, free, Public WiFi. Public WiFi is now considered a utility, available everywhere from restaurants, coffee shops, airports, hotels, offices and even outside, everywhere. When we turn the faucet on, we don’t hope, we expect water to come out. It’s that easy, cheap and convenient. Right?

The first thought we typically have is, “Free WiFi? That’s awesome!” Then, just because we can, even where our unlimited cellular data plans are working just fine, we connect to it and allow all of our online activities to go out and come back in through whatever WiFi network was easiest to connect to. Awesome.

But is it?

Let’s take a closer look at why there is more to consider.

The Bright Side
This is self-evident: rather than burning bandwidth from our own mobile data plans, Public WiFi allows us to use the web without using that up. Anyone who has ever spent the day working in a coffee shop loves it – working, streamingmusic, making Skype calls, checking social media – free WiFi – WEEEEEEE!!! What’s not to love?

The Dark Side – How Does Public WiFi Really Work?
Any network begins with a device, like a cable or DSL modem or router, that acquires access to the internet using an internet service provider (ISP). That, in turn, connects to and broadcasts through that chain of network devices, including network switches and WAPs (Wireless Access Points), such as a Public WiFi hotspot, which transmits its wirelessnetwork name to devices, effectively advertising its availability for people to connect to.

Each device connected to this chain is open to exploitation in a number of ways.

Default Settings = Insecure Configurations
A lot of free Public WiFi is provided by corporate outfits who have dedicated personnel who are experienced in setting up, configuring and maintaining information technology systems like WiFi networks. Even in cases like this, cybersecurity is not top-of-mind, nor is it a specific or required skill set in low-level tech support staff who are often pressed for time and set things up quickly, ignoring many good practices. Instead, these devices get rolled out with default settings, default usernames and passwords, which make hacking them mere child’s play.

This means that even in a best-case-scenario where an establishment has their own, internal IT support team, trusting that these devices and networks still comes with an amount of risk that they have not been configured with our security in mind. In my own audits, even conducted casually, devices are left to the easiest possible setup – default configurations, which means they are wide open to compromise. Not awesome.

Then, in cases where establishments are not backed by corporate IT teams, these smaller operations have proprietors who are setting up these wireless network themselves using their own, limited knowledge. Hackers love this especially because it makes it even easier for them to take control of these networks and add them to their collection of assets.

Man-in-the-Middle (MitM) Attacks
Hackers commonly exploit Public WiFi networks using what’s called a Man in the Middle (MitM) attack. Essentially, a MitM attack is eavesdropping. When any device connects to the internet through a wireless network, all the information being sent to and from that device (via appsservices and/or websites) passes through a chain of several intermediary network devices to get to and from the internet. Vulnerabilities present on any device in this chain allows a third party to get “in the middle” of these transmissions and capture any and all of that information.

The tools used to achieve this are widely available for free and are easy to use. Compromising Public WiFi networks is a trivial hacking skill, even with a limited technical proficiency. Using more specialized tools, hackers can install backdoors that they can use to locate a device later on, wherever it is connected to the internet, and use it for some nefarious purpose without the owner having any idea.

Interested to learn more about MitM Attacks? Here’s a great overview: http://blog.erratasec.com/2015/02/exploiting-superfish-certificate.html

Dude! Where’s My Encryption?
Encryption, man. It’s key to keeping our information safe from prying eyes. The vast majority of Public Wi-Fi hotspots do not use encryption of any kind to protect the information you send over the internet and are not safe for this one, simple reason alone.

Going Rogue!
A “rogue access point” is a commonly used method that people easily fall for, too. Hackers set up Public WiFi networks with commonly known names, such as “ATT385” or “Verizon564K” or “XFINITY” in order to lure people into connecting to what appears to be a legitimate network. Names of businesses, restaurants, hotels and airports work great, too. Anyone setting up a network can name it anything they want, you may search and connect to a WiFi network called “Pete’s Cafe”, when the official, legitimate network is actually “Pete’s Coffee”. How are you supposed to know the difference?

Voila! You’ve just connected to a rogue hotspot set up by hackers who can now see everything you do and, further, use specialized tools to either modify a downloaded executable to exploit the device with a payload (malware), or exploit a new, lesser known vulnerability where malware can be sent and spread from one device to another via WiFi. Using these kinds of methods, malicious hackers can install backdoors and otherwise use your device to do their bidding today, tomorrow or at some point in the future whenever needed.

Sniffing and Snooping
Snooping and sniffing is what it sounds like. Packet analyzers, also known as packet sniffers, are available tools hackers can use to capture and monitor inbound and outbound traffic on a network. These tools are designed for good: to analyze and improve the performance of networks. They can easily be used for bad, though. These tools are a primary method for identity theft. When you log into your bank account while connected to a compromised Public WiFi network, hackers can see your usernamepassword, everything, which can be used later on (after a large deposit, for example) to log in and create havoc.

Use a VPN
If you wanna use the internet, it’s a good idea to use a trusted Virtual Private Network or VPN whenever you do. Without using one while we are online, especially on a Public WiFi network that’s unknown to us, we can much more easily be taken advantage of.

What is a VPN and what does it do?

Imagine a letter, a good, old-fashioned letter that gets sent in the mail. If I send you a letter, it comes in an envelope, addressed only to you, to protect its privacy. Think of the envelope as encryption. VPNs work in a similar way. Imagine a VPN as something that wraps up our activities on the internet in a private envelope. This is encryption. Encryption envelopes our online activities in ways that make it exponentially more challenging for others to intercept them. VPNs are an encryption tool that we should all be using habitually, whenever we are online, and not just when connecting to free, Public WiFi.

If you wish, you can learn more about VPN services and also which are more reputable than others (because not all of them are). Check out Tom’s Guide, who did an outstanding review of many.

Thanks for reading. Get in the habit of using a proper, reputable VPN and help make the web safer for everyone for both work and play.