Threats & Vulnerabilities Wi-Fi Usage Threats & Vulnerabilities


Public Wi-Fi Usage
Public Wi-Fi networks are everywhere these days and their convenience is undeniable. Mobile data on phones can be limited by the size of your plan or the coverage of a cell phone tower, and Wi-Fi is a great tool as it untether devices (and the people using them) from having to be near a physical jack in the wall and also allow people to look up information on the go.  Wi-Fi networks can be found in stores, restaurants, hospitals, and other public venues. Your workplace may even have Wi-Fi networks for visitors and employees to use at their leisure. They’re But it’s wise to keep in mind that public Wi-Fi networks are never secure. Not even if you are given a password to log on.
 
  • Another user could potentially see the information you are sending across a network.
  • A bad actor could “spoof” a network that you accidentally connect to. Network spoofing is when a bad actor sets up a Wi-Fi network and names it to look like a legitimate Wi-Fi access point. As the administrator of that Wi-Fi network, they can see everything occurring on it.
  • Even if a Wi-Fi network is legitimate and has a password, the administrator can see all of the traffic, and potentially all of the information, moving across that network. While most employees are good, some may have bad intentions.
 
At the moment, your phone’s data connection (the stream of internet access you receive through a cell tower) is more secure than using public Wi-Fi. If possible, use that to get access to information online. Using your cell phone’s hot spot capability to connect other devices to the internet is also more secure than using unsecured or public Wi-Fi, but you should check your cell phone contract terms to make sure you have that feature available before using it. Should you absolutely need to use public Wi-Fi, keep a few security tips in mind:
 
  • Always make sure that you are connecting to the right Wi-Fi network. If you open your Wi-Fi connection screen and see multiple networks, ask someone who will be able to point out the correct one for you. If you see multiple networks with the same name, do not connect to any of them. One or more of them might be spoofed.
  • Never send confidential information over an open wireless network. Always use sites that have HTTPS protection (identifiable by the little padlock next to the address bar or an indicator that marks a site as secure). This means that the information being sent through the site is encrypted and anyone “watching” will not be able to decipher it.
  • If you need to look at confidential information, or you just want to prevent any sort of snooping, you can purchase yearly licenses for a VPN (virtual private network) for all of your devices. VPNs encrypt all of your browsing between your devices and whatever service or site you are accessing. Many times, your workplace will provide a VPN if you are authorized to work from home. Check with your employer first to see if it can be used for other activities.
  • Check for shoulder surfers. Always make sure that no one is peeking over your shoulder to see what you’re looking at or what you’re inputting into a device.
 
At-Home Wi-Fi Use
Your home router is the front door to your internet “home.” Every internet-connected device in your home must access a router in order to reach the internet, and these days, that’s a lot of devices. Thermostats, security cameras, robot vacuums, phones, tablets, gaming consoles, and more are all computers that connect to the internet. Some of these devices are called “Internet of Things” (IoT) devices, which usually refers to certain appliances or electronics that also have internet connectivity. Securing these devices should be your first priority while you’re setting them up, and that starts with having a strong, long, complex password for your router. This password can be longer and more complex than your other passwords since you will only need it when adding new devices to your network.

A lot of new routers come with stronger passwords right out of the box, but it’s a good idea to change it to something stronger if you can. Also, your router has an administrative panel that you can access after set up; this panel has a separate username and password that is usually generic and the same across all models of router. Be sure to change this password as well, as someone who has access to your network can easily access this panel and change settings. Refer to your router’s manual on how to access this panel and change the administrator password.

You may have guests that come over to your house from time to time that ask for access to the router for their devices. Anyone can access any unprotected documents on your computer or control other devices if they have access to your router. Many modern routers come with the capability to set up “guest” networks, allowing users to set aside a portion of their bandwidth for visiting guests and section them off from all of the devices and sensitive data stored on other devices. This is a valuable option, especially if you have frequent visitors or visitors that you don’t know well.