The dangers of using unsecured Wi-Fi

In 2020, there has been an explosion of remote working. According to research, the amount of people who work remotely at least once per week has grown by 400% since 2010. However, while remote working has many fans, there are significant risks associated with it too. If your team members work from cafes, in airports or on trains, then they probably connect to unsecured (public) Wi-Fi.

Connecting to public Wi-Fi may seem convenient, but that convenience can come at the cost of security. Few truly know the hidden dangers – and, when you are dealing with sensitive company information, these risks can be vast. Both employers and employees should be aware of the hidden dangers and learn how to protect themselves when working remotely so they can keep their information safe.

Free Download: The Ultimate Guide To Staying Safe Online

What are the risks of using unsecured Wi-Fi?

An unsecured Wi-Fi most often refers to a free public Wi-Fi network. Identifying unsecured Wi-Fi is easy as it does not require a password to be accessed. As there is no special login or screening process, you and anyone else can use it.

The primary danger when using unsecured Wi-Fi is that of a criminal intercepting your web traffic. In this blog, we will discuss some of the risks you expose yourself to when you surf unprotected.

Login information interception

When you connect to an unsecured Wi-Fi connection, one major risk comes from using services which require login information, think email and online banking. Third parties can intercept data being transmitted over unsecured Wi-Fi as it is in an unencrypted form. They can then extract your login information and passwords from this intercepted data.

Cyber criminals can use the captured login information fraudulently for serval reasons. For example, directly, such as to gain access to personal or business accounts, or indirectly, to sell credentials to third parties.

Sensitive data interception

This same interception risk for login information applies to any other sensitive data transmitted over an unsecured Wi-Fi connection. For example, any sensitive data sent as an instant message, email and other data-transmission tool can be intercepted and used illegally. For obvious reasons, this risk can be especially dangerous for businesses when sensitive corporate information is transmitted.

Spreading malicious software 

Cybercriminals can also use an unsecured Wi-Fi connection to distribute malicious software such as malware and other viruses to multiple users. For instance, if you file-share across a network, the hacker will be able to plant infected software on your device. More sophisticated cybercriminals have in the past managed to hack unsecured Wi-Fi connection points so that a pop-up window occurs during the connection process. If users click on the window, malicious software installs.

Not only can malicious software delete important business data, but it can steal or hold it to ransom. Therefore, having infected software on devices that are connected to company networks or with business data on them can be financial crippling to an organisation.

Bandwidth theft

Bandwidth theft is a real threat whereby others sign onto your network, and the tasks they perform consume a sizeable portion of the available bandwidth.

At a basic level, your users / employees may experience lag which can result in frustration and hurt productivity. In more serious cases, multiple sign-ons from unauthorised users can result in an overload of the capabilities of your network hardware, in the form of a DoS attack, or your system overloading.

Network data theft 

If you host unsecured Wi-Fi, you are also endangering your business and the data stored on any computers connected to the network. Unauthorised users can access unsecured resources on your computer network, including data on connected computers. Failing to put proper intrusion safeguards in place when hosting Wi-Fi will result in sensitive corporate data being stolen. The same goes for malicious software, which can easily be introduced onto the network in this way.

Illegal usage 

In some cases, intruders of unsecured Wi-Fi networks may use it for illegal purposes. For example, illegal file transfers and downloads, the use of your network to distribute viruses, and transmissions of hate speech and other illicit materials could all be going on without your knowledge by an unauthorised user on your unsecured Wi-Fi network. As you are the person hosting the network, any investigation would lead back to you. This includes any fines these crimes incur even if none of your legitimate users did the crime.

How can you protect yourself?

As working remotely becomes increasingly common, you can expect for cyber security issues surrounding public Wi-Fi to grow over time. But that doesn’t mean you have to stay away from it completely and tie yourself to your desk again. Many hackers go after easy targets who haven’t put proper precautions in place. Fortunately, there are some simple steps you can take as an individual or business to help keep your information safe.

Use a VPN or Remote Desktop Service (RDS)

Both a VPN and RDS allow secure access to data and company networks when using unsecured Wi-Fi. However, choosing which to use in a business sense will depend largely on how long employees are working remotely for, how often and where they are going to be working.

A VPN works by encrypting your data through a tunnel, acting as a gateway to safeguard the information employees send and receive when working remotely online, and protects their broadband connection from unauthorised intrusion. This service is perhaps better for organisations as a short-term fix, who don’t have staff moving between a variety of site often, as when configured properly, users only have access to set up files and folders, and not all applications and tools they have when in the office.

An RDS is much different in the way that it creates a remote connection so that users can access that same desktop they have when in the office, but securely. To the end users, there is no difference to what they are used to. However, the difference lies in where data and applications are stored – rather than being stored on an on-site server, they are hosted in the cloud from a secure data. This service is best as a long-term solution and if employees are working remotely regularly in multiple locations.

Secure connections

If you don’t have access to a VPN or RDS, you should make sure you are only visiting encrypted sites to help protect from some of the threats listed in the blog. To do this, look for ‘HTTPS’ at the beginning of website addresses. HTTPS means that the connection between web server and browser is encrypted, thus meaning any data submitted on the website will be safe from those intruding on an unsecure Wi-Fi network. Most of the commonly used browsers use the padlock symbol at the begging of the address to illustrate if a website uses encryption (HTTPS).

If you’re concerned about access websites which don’t use encryption, you can often set your browsing preferences to only access websites that use these secure transmission protocols.

Managed privacy 

As identity theft is one of the main risks of Wi-Fi hacking, you should take steps to ensure when using unsecured Wi-Fi, that you broadcast as little information as possible. For instance, turn off any file-sharing features on your devices in the privacy settings on a mobile or from the system preference or control panel.

Beyond this, it is also beneficial to turn off any ‘network discovery’ settings on your devices. Settings like this allow any devices on the network to locate yours – and that includes those of hackers!

Security barriers 

Typical security barrier solutions such as firewalls and antivirus software can also help protect while using unsecured Wi-Fi and should always be enabled. Firstly, firewalls because they can help prevent hackers from unauthorised external access to your system and will act as a barrier from malware threats which are data-based. Secondly, antivirus software because it will detect any malware that might get into your system when unsecured Wi-Fi networks are used. You should always make sure the latest version of antivirus is installed on all devices.

Safe use of unsecured Wi-Fi

Our online security is important wherever we may be working, but those risks associated with public Wi-Fi are ones we all need to be acutely aware of. Login information and sensitive data inceptions are very real threats, as is network and bandwidth theft, and the illegal usage of your network. With free public (unsecured) Wi-Fi now a common feature at many gathering places and remote work becoming more commonplace, these dangers of unsecured Wi-Fi will continue to be a concern.

Luckily, by educating yourself on the risks and knowing the steps you can take to eliminate them, you will be able to establish the safe use of such Wi-Fi connections. Implementation of a VPN or RDS will be the centrepiece of a defence against the dangers, while ensuring the right security barriers, managed privacy settings and encrypted connections will be great additions to your defence as well.

The entrust IT Group have worked with many companies on their cyber security over the years and have implemented solutions which can help staff work from anywhere, completely securely. For example, our flagship product, the entrustIT Hosted Workspace is an example of a Remote Desktop Service. It is a solution based on a menu of private and public cloud services chosen by the customer on what is critical to their business. The workspace can be accessed on any device and is encrypted so is consequently secure, so there are no security or compatibility issues even if the user is working in a remote location connected to public Wi-Fi.

We have seen first-hand the devasting impacts using unsecured Wi-Fi wrongly can have on a business and individual if successful. Making changes now will mean you don’t experience these now or down the line. Please get in touch if you need help on protecting your business from these dangers as one of our experienced consultants will be happy to offer some advice.

New call-to-action

Subscribe here!

Recent Posts

Posts by tag

See all