Columnists,Deshan Ilangakoon,Main Slider l by Deshan Ilangakoon l 17 Aug 2020     - 65

Being Digitally Safe - Public WiFi and Internet Cafés


The internet had its humble beginnings as a network for academics to share information with one another. This small closed network of peers has over time grown and developed to what we now call the World Wide Web. This sensational technology has come so far that people now are sighting that free and open access to the internet be a basic human right. With the boom of the internet, technologies to help us get onto the internet has also developed. We have 4G and 5G networks, we have WiFi and broadband and a host of other means of getting into the internet. This popularity is such that soon, children’s first words won’t be “mom” or “dad” it’s going to be “WiFi” or “Internet”.

However, all this popularity has come with tremendous problems. The source of these problems was that the internet was developed by academics as a close network. What this meant was that the internet and its protocol on how we communicate with each other were based on a “trust” system and people developing them thought more in terms of technical faults and not in terms of malicious individuals. This is why the internet is such a powerful yet deadly tool, and it is something that we should treat with great care and responsibility.

All of this brings us to WiFi networks. Quite often the term “Free WiFi” is something that gets quite a lot of us excited. I will admit that even I was one of you until I learned of the pitfalls. The thought of being able to access the internet without having to pay for it is very appealing. Free WiFi is such a valued service that a lot of hotels and restaurants advertise this fact and it is something that a lot of us expect to be given to us. Free WiFi is so commonplace that it is like expecting a restaurant or a hotel to sever water. Sadly, another set of people who get very excited over free WiFi are hacker. Free WiFi networks are a treasure trove for hacker and even if there is some sort of password like most hotels have, breaking into these WiFi networks is not really hard for a hacker. 

To make this problem even worse, hacking into a WiFi network is not something that only skilled and movie type hackers can do. There are tools that anyone can buy or even get for free that will allow any novice hacker to break into a WiFi network with ease. Now this is not a problem with only public WiFi networks, even your home network can easily be broken into (but that is separate topic). However, given the large number or people that are often using public WiFi networks and the fact that these networks are in such popular places like cafés and Airports or hotels means that a hacker has a big group of victims, all in one place. 

The Dangers of Public WiFi

So what are the problems that we can face by connecting to a public WiFi network. Well the simple answer is that a hacker can get on a public network and steal all the information that is passing through the WiFi network. This means that all your private emails and messages, all your bank transactions, any work you do by connecting to your office website, all this and more a hacker can potentially capture and store. So that if the sites you are visiting are not developed properly, important and sensitive information that you try to send to some website will be captured by hackers. 

So how would a hacker do something like this. One option for the hacker is to set up a WiFi network of their own that looks and feels just like the one you would expect to find at a hotel or an Airport. With a name like “Airport Guest Free WiFi” or “Fancy Hotel Lobby WiFi” and most people will simply connect up to the first open WiFi with the strongest signal. What you won’t know is that this is a WiFi network that the hacker created where a copy of all the communications to and from the internet is sent to the hacker. This allows them to store your passwords, bank account details and all sorts of other sensitive information, and even if your password is encrypted, they can try to break the encryption at their own leisure. These are not bedtime stories told to scare little children. White hat hackers (these are the good guys) have done exactly what I have mentioned and published details of their exploits (with the sensitive information hidden) so that people can realize the dangers of public WiFi networks. 

On top of this, even if you check and connect to the proper WiFi network, a hacker can still attack the WiFi device and route all the traffic through their machine so that they have a copy of all your internet traffic. This approach and the one mentioned above are both what are known as “Man-In-The-Middle” attack. The hacker basically sits between you and the internet and has a nice long look at the network traffic going to and from you. 

Another approach is the hacker can try and check your machine directly for flaws or some other weakness and try to hack into your machine directly. This way, they won’t care too much about your internet traffic because they’ll have access to your machine directly. This attack is even worse because if they are able to install some malicious program, your machine will continue to be under the hacker’s control even after you leave the public WiFi network. One good example for this would be how the WannaCry ransomware spread. This malware was so dangerous, because it was able to jump from one computer another without anyone even knowing and infect all the computers on the network that had the initial flaw in their machine. 

This brings us to the final problem with Public WiFi networks. The problem here is that someone could connect to the public WiFi network while having a virus or some sort of malware on their machine. Once this machine is on the network, the malware would automatically search for other machines on the same network that have a vulnerability and it would then use that to infect all the other machines on that network with that same issue. This way, even if there is no hacker, an entire network and all the computers connected to it could easily become a victim of a malware. This can be easily explained by taking a look at how the COVID-19 pandemic is spreading. The scenario explained above would be like a symptomatic or asymptomatic person entering a closed, airconditioned restaurant. When this happens, anyone who is not wearing a facemask or touches their faces without first sanitizing their hands cou;d become infected. This is the same way how a computer virus would spread on a public WiFi network where there are vulnerable or unprotected computers connected. 

What to Do to Stay Safe

Avoid connecting to public WiFi network

The most basic and best safety precaution is to avoid using public WiFi. Instead what you can do is to connect to your own dongle or WiFi device and browse the internet. Now this is not a popular option as it would mean that you have to use your own internet bandwidth. So if you don’ t want to take this option, at least consider this option if you are doing important work that has to deal with sensitive information. For example, if you were accessing your business’s website to do some work-related activities, or if you were accessing a personal bank account or trying to do e-shopping where your credit card is involved. In all of these scenarios at least switch off the public WiFi network and use your own. 

Preventing Your Machine from Being Discoverable

If you must connect to a public WiFi network one thing you can do is to turn off, your machine from being discoverable to other computers or devices. If you have a Windows 8 or Windows 10 machine, then you will be familiar with a question that is asked of you when you are connecting to a new WiFi network. The message “Allow this PC to be discoverable by other PCs and devices on this network…” is your first and basic step to protecting yourself on a public WiFi network. What this does is that other computers on the network will not be able to find your device mainly if they wanted to share content with you. Of course, this is a very basic step, and it actually does not hide you from a hacker. But it is a good first step.

Making Sure the Website is HTTPS and not just HTTP

This is not something that is just relevant when using a public WiFi network. It is also applicable when you are browsing any website. If you are about to share any sensitive information or connect to any website, the best and safest websites to connect to are HTTPS websites. You will know this by the little locked padlock symbol on the browser, next to the URL. This will indicate that the content going between the website and you are all encrypted so “ideally” no one can see the content. However, this is a weak fix, and there are ways that hackers can try to get around this layer of protection.

Using a VPN Connection

A VPN connection is your next option, if you want to operate on public WiFi network. How a VPN will protect you is by establishing a secure connection between you and the VPN server. This way, all the internet traffic that is going to the internet will first travel fully encrypted to the VPN server. From there only it will travel directly to the website you are traying to access. This will mean that if there is a hacker on the public WiFi network and they are looking at all your network traffic, all they will see is random meaningless gibberish going to the VPN server, because the actual content is encrypted across these open and public networks. This is your best shot of making sure that the content you send to the internet over the public network is safe. 

Ensuring Your Computer is Secure

This option is to make sure that your machine is not directly hacked by the attacker and to make sure that even if the attack is from a malware on another users computer, this virus is not going to land on your computer. In the case of the above COVID-19 example, this is like going to the restaurant but following all the health and safety guidelines to the letter. This way even if someone infected comes into the restaurant knowing they have the virus or without knowing, you will be safe. 

How you can achieve this is very basically by making sure that you download and install all the updates, especially the OS updates promptly and on a regular basis and also by having a good and fully active virus guard installed on your computer. 

 

With these steps, you can try to make yourself that much safer and make yourself a harder target for a hacker that is sitting and waiting for you on a public WiFi network. So next time you have to access the internet over a public WiFi network, think about this and try to do as many of these safety precautions as possible. 

ABOUT THE AUTHOR

Deshan Ilangakoon

"A creative writer, photographer, traveler and cyber security professional, Deshan has worked with several local and international travel magazines and other sources, to publish stories and reviews of places, sights and experiences around Sri Lanka. He has a passion to share his experiences through stories and pictures of the wonders of Sri Lanka."

Copyrights protected: All the content on this website is copyright protected and can be reproduced only by giving the due courtesy to 'hi.lk'.
Copyright © 2018 Wijeya Newspapers Ltd.