Public WiFi is considered by many to be a convenience and a necessity. WiFi enables people to connect to work, news and family at all times and without incurring the cost of an Internet provider. But what about the security vulnerabilities of public WiFi? We were intrigued with a Lastline report recently shared by TechRerublic. In a grown-up version of the child’s game “Would You Rather?”, security professionals were surveyed on several points, one being “Would you rather walk barefoot in a public restroom or use public WiFi?” The report indicates nearly half of security professionals would rather walk barefoot in a public restroom than use public WiFi. We get it – public WiFi networks are hard to secure. Imagine the time you could save and how much more efficiently you could work if you were able to safely send and receive information – including classified data – from your mobile device over public WiFi…

 

The Dangers Of Public WiFi

The biggest security threat associated with public WiFi is the interception or theft of private communications and data by bad actors. This happens in several ways. Hackers may launch a man-in-the-middle attack by positioning themselves between the user and the WiFi hotspot. In this way, all information relayed over the hotspot (log-in credentials, important emails, sensitive documents) goes to the hackers who use the information to gain access to corporate networks or personal accounts. In a related technique, termed a “honeypot”, hackers will set-up a network using a name similar to that of the actual public WiFi network in hopes of capturing users who mistakenly log onto the fraudulent network. Unsecured public WiFi connections can also be used to distribute malware onto user devices. When malware is attached to a downloaded file, it infects the entire organization if the user later shares the file lon the corporate network.

 

Airports frequently provide free or low-cost WiFi to travelers. Unfortunately, these free WiFi networks are generally unencrypted, unsecured and improperly configured. They are also prime locations for deceptive networks. Business travelers may log onto the free WiFi or fraudulent network and unintentionally share information with cyber criminals, providing an entry point to their organization’s corporate network. Now consider there are 5,000 commercial airports in the United States and approximately 750 million domestic airline passengers per year (based on 2017 data) and you’ll get a clearer picture of the scope of the problem.

 

The Dangers Of A Captive Portal

Many public WiFi networks utilize an initial display screen, also known as a captive portal. The message on the display asks users to agree to terms and conditions of use and may also require users to supply personal information. The type of information collected by a captive portal (name, email address, social media account and sometimes even a credit card number) is attractive to cyber criminals who will launch an attack to intercept the information.

 

Robust Cybersecurity Measures

Many people who work remotely or travel frequently for work use a virtual private network (VPN). Practically speaking, a VPN should protect your data over public WiFI – as it encrypts the data before transmission. However, not all VPNs afford the same level of protection. Attila’s GoSilent Client and SilentEdge Enterprise Server is eligible to be used as an IPSec Virtual Private Network Gateway component in a CSfC solution (more information can be found at www.nsa.gov). In addition ton meeting the NSA’s stringent security guidelines for the transmission of classified data, the device contains a built-in VPN and firewall, so there’s no need to download and integrate software. GoSilent is about the size of a Tic Tac box, and is easy to deploy and use…You can take GoSilent from your pocket or briefcase, plug it into any IP-enabled device and then send or receive classified data safely and securely over any public WiFi.

GoSilent technology is currently installed at governments and enterprises across the globe, providing visibility, control and threat defense across physical, virtual and cloud applications.  Learn more about Attila’s next-generation technology.