INSIDE THIS ISSUE: Beware of Public Wi-Fi
Common Security Risks with Public Wi-Fi
How You Can Protect Yourself
For More Information
Common Security Risks with Public Wi-Fi
If you use free Wi-Fi networks such as those found in airports and coffee shops, you may be interested in knowing the risks involved. Here are three common ways attackers can access your portable device and some simple ways to protect yourself when using public Wi-Fi networks.
Honeypot Wi-Fi Networks
A honeypot Wi-Fi network is a wireless network which an attacker sets up in a common place, such as a coffee shop where people expect to find free Wi-Fi. The attacker may name his wireless network according to a business in the vicinity or he might impersonate the name of a nearby legitimate Wi-Fi network. If the attacker successfully lures you onto his honeypot wireless network, he can probe your device for vulnerabilities, plant malicious code on it, and steal your logon credentials.
Packet Sniffing
All your communications over the Internet are broken down into tiny data “packets.” Attackers can easily intercept these packets, even on legitimate Wi-Fi networks. When they do it’s called “packet sniffing” and attackers may be able to intercept any usernames, passwords, emails, and files you send.
Shared Folders
If your laptop is set to share folders automatically, then anyone, including an attacker, may be able to access what you are sharing when you are using public Wi-Fi. Alternatively, an attacker can set up a shared folder on a public network which you might see under your shared folders. The attacker might place files in his shared folder with names like “sexyphoto.jpg” or “diary.txt.” These files could actually be viruses in disguise, designed to compromise your computer.1
1 Fox News: 3 Ways Crooks Attack on Public Wi-Fi
How You Can Protect Yourself
The following tips can help you protect your privacy while enjoying the convenience of public Internet access.
Defend Your Device Against Internet Threats.
Make sure your computer and portable devices are running up-to-date anti-virus, anti-spyware, and firewall software.
Keep all software (including your web browser) current with automatic updating. Never update your software on a public Internet connection.
Use strong passwords. Fido57^fluffydog! is strong. fido123 is weak.
Use different passwords for each of your login accounts. If an attacker intercepts one of your passwords, at least he won’t be able to login to all of your accounts.
Control Your Wi-Fi Settings.
If you’re using your computer in an area with public Wi-Fi access, but not using the Internet or sending email, disable Wi-Fi on your device. Not only is this more secure, but it will also extend your battery charge.
Configure your wireless settings to always prompt you before automatically connecting to any Wi-Fi network.
Avoid typing any sensitive information when using public Wi-Fi.
Avoid sensitive transactions such as paying bills, accessing bank accounts, or using your credit card when connected to public Wi-Fi. If an intruder is “sniffing” your traffic on public Wi-Fi, at least he will not be able to access this sensitive information.
Choose the most secure network.
Always carefully select which, if any, public network you access rather than allowing your device to connect automatically. If you do not recognize a Wi-Fi access point or if you are not sure whether it is secure, don’t connect to it.
Verify the name of the Wi-Fi network with the providing business to ensure that it is legitimate.
Remove sensitive data from your mobile device.
Remove sensitive data such as financial information, passwords, bank statements, and Social Security numbers from your mobile devices. Leave sensitive data on your home machine.
Be Cautious With File Sharing.
Make sure automatic file sharing is disabled whenever you are connected to a public Wi-Fi network.
Do not open shared folders or files that you do not recognize.
For More Information
For additional information on using public Wi-Fi safely, please utilize the following resources:
Kaspersky Lab Public Wi-Fi Risks and Why You Don’t Have to Fear Them
CNET Five Ways to Protect Yourself from Wi-Fi Honeypots
USA Today
Free Wi-Fi? Beware of Security Risks
National Cyber Security Alliance http://www.staysafeonline.org
Citywide Information Security Policies and Standards are available at: http://cityshare.nycnet/infosec
Please report security violations, issues, and questions to the Citywide Service Desk at: 212-NYC-HELP (212-692-4357) or 718-403-8888
Follow Us