“WiFi Finder” is a popular hotspot finder app that is used to locate free wifi spots nearby. Unfortunately, the company utilized a database with minimal security to store information such as the Wi-Fi network name, its exact geolocation, its basic service set identifier (BSSID) and network password. All this data was stored in plain text. While the app developer claims the app only stores passwords for public hotspots, after a review of the data, countless home Wi-Fi networks were also discovered.
The biggest threat to free Wi-Fi security is the ability for the hacker to position himself between you and the connection point. So instead of talking directly with the hotspot, you’re sending your information to the hacker, who then relays it on. While working in this setup, the hacker has access to every piece of information you’re sending out on the Internet: important emails, credit card information and even security credentials to your business network. Once the hacker has that information, he can — at his leisure — access your systems as if he were you.
Utilizing free Wi-Fi in public locations is a major security risk, however, there may come a time when your only option is an unsecured, free, public WiFi hotspot, and your work simply cannot wait. If you must use public Wi-Fi there are a few steps you should take to stay safe (well….as safe as possible….because you shouldn’t use public Wi-Fi).
What to do:
- Use a Virtual Private Network (VPN).
- Disable file sharing on your device.
- Log out of accounts when you are done.
- Only visit sites using HTTPS.
- Disable Wi-Fi auto-connect.
- Turn off Wi-Fi (and Bluetooth) when not in use.
- Access Web sites that do not hold sensitive or personally identifiable information (i.e. don’t do your banking while waiting for your flight).
While not all Wi-Fi is a security risk, without the right protection your personal information could become public information.