As our world becomes more connected, we seem to have an insatiable demand for bits. So much so that we are willing to take risks in order to get the bits when we want them.
Public WiFi is one of those risks. Whether it is the hotel that we are staying at, a meeting in someone else’s office, a Starbucks, the airport or on an airplane, the WiFi we are connecting to exposes us to risk. If you understand that risk then more power to you.
Two recent events bring this to the forefront.
First, Google “Darkhotel Malware”. Darkhotel is an example of a hotel’s WiFi getting compromised. Guests that connected to it were pushed updates – purported to be Flash updates – that were really malware. At that point, the attacker “owned” those laptops. Or phones. Or pads.
Second, Yahoo (is that a verb?) “Inngate Router attack”. Inngate is the system used by a lot of hotels to provide Internet access for guests – both wired and wireless. The Inngate Router has a flaw that allows an attacker to access the root file system of the router. Researchers found hundreds of these routers were accessible on the Internet. This flaw would allow an attacker to compromise the system to push updates to your device like DarkHotel above, monitor and record your traffic and, if the hotel uses that same network for hotel traffic, access the reservation and keycard system.
Bottom line, IF you do use a public Internet connection, you should assume that the connection is compromised or at least suspect.
Given that, what are some rules you should follow?
1. Do not use public Internet connections for anything you consider sensitive. Banking. eCommerce. Stuff where you will have a financial loss if it is compromised.
-> In fact, it is safer to use your cellular connection even though nothing is perfect.
2. Never install an update when you are on a public Internet connection. Even if the update says that the world is going to end or the earth will spin backwards and cast us all into outer space. DON’T. DO. IT.
3. If you can, use a VPN. VPNs, or virtual private networks, are a digital tunnel from your computer to the VPN provider. Everything in that tunnel is encrypted, so even if WiFi is compromised, it is harder for the bad guys to see what you are doing. Many corporations use VPNs and there are public VPN services – some free and some a few bucks a month – that anyone can use.
4. Make sure that you are connecting to the right WiFi connection. In the recent Anthem Blue Cross breach, the attackers used a domain called We11point (Anthem’s old name) instead of Wellpoint. Attackers might create another WiFi hotspot with the identical (WiFi names do not need to be unique) or similar name, hoping you will connect to their WiFi instead of the real one.
5. Pay attention to pop up windows, license agreements and the like. Avoid clicking on anything that you are not sure about. Remember, the bad guys will make it look like a real deal. To paraphrase someone – Just Say No!
6. Disconnect from the WiFi AS SOON AS you are done doing your Internet thing. You can always reconnect later. It is not a “limit one connect per customer” deal.
7. As a gross generalization, WiFi from large corporations is likely to be more secure than from mom and pop shops. Of course, the Inngate and DarkHotel attacks above negate this rule, so don’t put too much faith in this rule.
8. Beware of shoulder surfers. If you can get your back to the wall so that no one can stand behind you and watch you surf, that is optimal. But shoulder surfing works from the side too, so be aware of your surroundings.
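To make rule 4 concrete, here is an added example (not part of the original post) that checks a list of visible WiFi networks against a name you trust and flags look-alike spellings and same-name networks that do not match what you expect. The network names, hardware addresses (BSSIDs) and the trusted profile are constructed sample data, and the list of swapped characters is an assumption, not a complete set.

```python
# Constructed sample data throughout; no real networks are referenced.
# Characters commonly swapped so a name looks the same at a glance.
CONFUSABLES = str.maketrans({"1": "l", "i": "l", "|": "l", "0": "o", "5": "s", "$": "s"})

def skeleton(name):
    """Reduce a name so that visually similar spellings compare equal."""
    folded = name.casefold().translate(CONFUSABLES)
    return "".join(ch for ch in folded if ch.isalnum())

def classify(scan, trusted):
    """Return (ssid, bssid, verdict) for every access point in a scan."""
    skeletons = {skeleton(ssid): ssid for ssid in trusted}
    results = []
    for ap in scan:
        ssid, bssid = ap["ssid"], ap["bssid"].lower()
        profile = trusted.get(ssid)
        if profile is not None:
            # WiFi names are not unique, so an exact match proves nothing alone.
            if ap["security"] != profile["security"]:
                verdict = "same-name-different-security"
            elif bssid not in profile["bssids"]:
                verdict = "same-name-unknown-bssid"  # a hint, not proof
            else:
                verdict = "ok"  # nothing visibly wrong; BSSIDs can be copied
        elif skeleton(ssid) in skeletons:
            verdict = "lookalike-of:" + skeletons[skeleton(ssid)]
        else:
            verdict = "unrelated"
        results.append((ssid, bssid, verdict))
    return results

TRUSTED = {"Wellpoint-Guest": {"bssids": {"02:00:00:aa:bb:01"}, "security": "WPA2"}}
SCAN = [
    {"ssid": "Wellpoint-Guest", "bssid": "02:00:00:AA:BB:01", "security": "WPA2"},
    {"ssid": "We11point-Guest", "bssid": "02:00:00:CC:DD:02", "security": "WPA2"},
    {"ssid": "Wellpoint-Guest", "bssid": "02:00:00:EE:FF:03", "security": "Open"},
    {"ssid": "CoffeeShop", "bssid": "02:00:00:11:22:04", "security": "WPA2"},
]

if __name__ == "__main__":
    for ssid, bssid, verdict in classify(SCAN, TRUSTED):
        print(f"{ssid:18} {bssid}  {verdict}")
```

A verdict of "ok" only means nothing looks out of place from the outside, so the other rules still apply on that network.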