Public Wi-Fi may be convenient, but it’s not necessarily safe. Are you putting your data at risk when you connect?
Have you ever been to a Starbucks? Stayed in a hotel? Taken a flight or had a layover? It’d be hard to find a person who can say “no” to all of these questions. Running a business means being a road warrior, with an on-the-go office allowing you to work wherever, whenever.
Why do we ask these questions? Just a single visit to a coffee shop or a short layover in an airport terminal generally offers you access to public Wi-Fi at no cost. While this helps busy professionals like you with day-to-day operations of running a business, it can also put you at great risk. “Free” doesn’t always mean friendly, with viruses, malware, and other harmful technology just waiting to infect a vulnerable victim. Like germs waiting for a weakened immune system, all it takes is one small interaction to make a huge impact on you and your business.
Back in the Day
If you recall, the Palm Pilot and Blackberry, the first mobile devices for professionals, were seen as revolutionary in their heyday. These were made obsolete with the release of the first iPhone nearly 11 years ago, with consumers migrating to smartphones as their preferred means to stay in touch. The appeal of the Internet wasn’t new then but having the ability to surf the web in your hands was a treat, and we have an insatiable appetite.
Early browser wars between Netscape, Internet Explorer and Firefox further fed our consumption, and iPhone’s Safari app wasn’t the only player that put the power to search the web in our hands. Since unlimited data wasn’t an economic option in early plans for most wireless service providers, public Wi-Fi hotspots became a marketing effort to draw consumers.
Today
Fast forward to today, and it’s relatively easy to find public Wi-Fi. The difference is that in those 10+ years, hackers have fine-tuned their weapons.
A decade ago, Microsoft was quick to claim over 90% of the computing market share. Apple’s measly 3% representation made “Mac” users feel comparatively safe, as though membership in this exclusive club came with the assurance of safety. After all, why would hackers bother committing time and resources to an OS that boasts so few users? This has evolved with the explosion of iOS devices, including iPads that provide desktop solutions in a mobile platform.
In 2017, smartphones passed desktop computers as the most commonly-used computing device globally. Aside from their true multipurpose nature as a telephone and a computer, the appeal of the smartphone also stems from their attractive price point, though the days of subsidized costs have disappeared.
The ease of use of a smartphone or tablet hasn’t gone unnoticed by hackers, either. You can stop by Starbucks at lunch to have a quick coffee with a friend and check your email and your bank balance while you wait.
Don’t mind the seemingly invisible entity across the room in the armchair near the window, sipping a latte while using a laptop, backpack leaning against the chair leg. What’s in the backpack? Maybe a textbook or two–or maybe a device called a Wi-Fi Pineapple.
Eat, or Be Eaten.
IT security professionals are familiar with variations of the handy Wi-Fi Pineapple, commonly used to test for many types of vulnerabilities in a network. What’s great about these is their simultaneous simplicity and comprehensive auditing ability. Cybersecurity professionals are drawn to the intuitive interface, advanced reporting, and intelligent reconnaissance support. But, hackers like them, too.
These pocket-sized devices are made to be mobile. How do hackers use them for darker deeds? Discrete and wireless, a Wi-Fi Pineapple can easily fit into a backpack and advertise an access point name that mimics public Wi-Fi, just waiting for the unsuspecting patron who wants to share a photo on Instagram.
What is an access point? A wireless internet access point allows wireless devices to connect to wired networks using wireless technology like Wi-Fi or Bluetooth. A network is assigned a name and, if secure, a password.
Public Wi-Fi is often given a generic name, like the name of the location where you are, such as a library, restaurant, or airport. These are easily identifiable and quick for you to find. Hackers know this and set up their own names to trap you. For example, how easy is it to name a network something like “Starbucks SoCal” or “ATTWiFi NYC Times Square 10036?”
Did you know that iPhones can automatically connect to AT&T Wi-Fi?
Hackers can use the Wi-Fi Pineapple with a simple interface to steal one keystroke at a time and capture usernames and passwords from victims in the vicinity that are posting a Facebook status, paying a credit card statement, or even shopping on Amazon. Are you one of those smartphone users who’s afraid you’ll lose your phone and never stores usernames or passwords, so you enter them each time? A hacker is eagerly waiting for you to do this!
Getting Back to Basics
Remember 10 years ago when Mac users felt safe because there were so few cyber attacks? With the success of the iPhone, that so-called safety shrank away to nothing. Hackers don’t access your data based on your OS anymore. Regardless of which OS you’re using, if you’re vulnerable, you’re vulnerable.
Do you feel like you can’t win, with security risks coming at you from every direction? We understand. Technology is our friend, and advancements are designed to simplify our lives, but the probability of being hacked has outpaced the likelihood that your confidential data will be stolen from a lost phone.
With the primary goal of stealing usernames and passwords, and ultimately, money, hackers work to compromise your data and your business. What can you do to protect yourself?
Do:
- Only join networks you know you can trust with certainty.
- Use networks that require a password, even in public. This is common in hotels where your room charges include guest Wi-Fi, and the password is only given to paying guests.
- Disable automatic connectivity on your smartphone, tablet, and laptop.
Don’t:
- Join a public network and then enter personally identifiable data.
- Shop online using public Wi-Fi. Not only do these transactions involve usernames and passwords, but also payment information and details like your billing address.
- Let your guard down.
Never forget the hard work you did to create your brand and success. Don’t let hackers rob you of this. Do all you can to protect yourself and your business. If you need help doing this, partner with a cybersecurity expert for the best safeguards available.