Penta Security Inc. > Blog > Public Wi-Fi: Stranger Danger

Public Wi-Fi: Stranger Danger

2016-08-19 Blog
cafe using public wifi on a laptop

Progress in the IT world have led to a good amount of changes in the past decade. Nowadays, we’re surrounded by technology and it’s a part of our everyday lives. One of these technologies that we don’t even give much thought to anymore is public Wi-Fi.

It certainly has made life a lot easier. We don’t have to consistently rely on the quickly-disappearing amounts of cellular data we have on our mobile phones. Especially in Korea, one of the most connected countries in the world in terms of network infrastructure and #1 in terms of internet speed, free public Wi-Fi is thought of as a given. It’s a win-win situation: Businesses will get more foot traffic from tourists or residents who are seeking a location with a Wi-Fi connection and entertainment, and customers will be connected to the Internet for free without the need to use their precious cellular data.

 

But the issue here is this: is public Wi-Fi really safe?

Cafes are often a popular place for students and freelancers alike because they provide nice ambiance, open spaces, and most of the time – free Wi-Fi. Many cafes have their Wi-Fi passwords on display at the counter, or written on the receipt. Most of the time it’s something easy like “1234567.” However, when a simple string of characters is on display, it’s no longer fulfilling its original duty of acting as a “secret code” to access a device.

And the fact is that there has been an increase in the hacking of public wireless routers as of late. The most prevalent of these hacking methods is called “wireless sniffing.” Just as the name suggests, wireless sniffers are specifically created to “sniff out” data on wireless networks. A sniffer is a piece of software or hardware that intercepts data when it’s transmitted. This decodes data so that it’s readable for humans.  If a wireless sniffer accesses your connection, your ID or password may be found, or your device could be infected with malware.

 

Awareness of Public Wi-Fi Security Issues

This is all anxiety-causing information, but we started to wonder two things in terms of application to the real-world. First, how is the security at some of the well-known establishments providing Wi-Fi ? And second, were providers (at cafes, bookstores, etc.) and users aware of security (or the lack thereof) for public Wi-Fi?

 

 

The Public Wi-Fi “Provider”

After surveying 20-odd establishments, we categorized them into three levels of security. In terms of “high” level, authorization and authentication was required in order to gain access. For “average,” a different password was set from the original factory settings, and for “low” – no changes had been made to the router since the point of purchase. Not surprisingly, we found that the larger chains offered higher measures of security than the domestic brands. Independent cafes rarely had the level of security necessary to secure a Wi-Fi connection.

We then conducted a short interview with either the employee behind the counter or the branch manager and found that many locations don’t regularly upgrade their firmware. Upgrading your firmware regularly makes sure that your router is stable and optimized to take on the traffic. Although it can be a tedious process, it’s a necessity. And while some locations changed their password after buying the router, it was often a simple password. Additionally, none of the establishments had been changing their passwords regularly.

Most cafes will have a simple password (or no password at all) because it’s more convenient. However, a few simple steps can set you on the right track to begin protecting your establishment. After all, a business needs to look at customer loyalty and long-term growth. That isn’t going to happen if you or your customers are hacked.

 4 easy steps to secure the public Wi-Fi of your establishment:

  1. Change the ID and password from the default factory settings regularly.
  2. Secure your Wi-Fi by changing settings to WPA (Wi-Fi Protected Access), rather than WEP (Wireless Encryption Protocol). WEP has issues of static encryption keys, making it easier to access..
  3. Block remote access
  4. Update firmware regularly

 

The Public Wi-Fi “User”

We went on to interview customers who were utilizing the public Wi-Fi at the cafes to get their views on security. However, we were surprised by the users because the knowledge of security issues was better than that of the providers. Although Wi-Fi users are sometimes aware that it may be unsafe, because it’s free and convenient, they ignore the risks and access the network anyway.

So what are the basic steps you can take that won’t take too much of your time/money?

 

4 Cautionary Steps for Using Public Wi-Fi

  1. Turn off sharing on your computer – make sure that remote login is not possible.
  2. Consider using a VPN (Virtual Private Network) when connecting to public Wi-Fi. Because it will encrypt your data, it can help prevent criminals from sniffing.
  3. Avoid sites that take your ID and password (i.e. banking, online shopping).
  4. Go to a cafe or public Wi-Fi hotspot where you know the security measures the provider takes.

But in all honesty, public Wi-Fi will never be “safe” in the sense that it will be void of any security risks.

 

And if you must…

It’s not realistic to say that all public Wi-Fi must disappear. In the digitized 21st century, connectivity is inevitable. In fact, it’s already happening. So the best thing you can do as a user and provider is to be cautious. Have these steps ready to execute. Extra steps are also possible with a firewall, anti-malware products, etc. But remember, the first step is the most important.

Tags: