After years of warnings from security experts, Europe’s top cybercime police officer has finally said that public Wi-Fi networks are unsafe. That’s because everything and anything you do while connected to a public Wi-Fi hotspot could easily be seen by criminals looking to steal your identity, access your emails and empty your bank account. Whenever you connect to a hotspot in a café and then check your emails, you should be prepared for the possibility that everyone else in the room can steal your password and hijack your account.
Hackers are increasingly targeting public Wi-Fi networks as a way to steal identities, passwords and money, according to Troels Oerting, head of Europol’s cybercrime centre. “We should teach users that they should not address sensitive information while being on open insecure Wi-Fi internet. They should do this from home where they know the Wi-Fi and its security, but not if you’re in a coffee shop,” he warned. As public Wi-Fi is now commonplace it’s an easy target for criminals who want to hack your PC.
It’s impossible to check if a Wi-Fi network is safe or not
In July 2012, an investigation into free public Wi-Fi revealed how easy it is for people to fall foul of rogue wireless networks and inadvertently reveal their passwords and other personal information. When we set up a fake Wi-Fi network that explicitly warned people not to connect, a staggering 85 per cent of people still logged on. That was despite them having to agree to terms that stated we could see everything they did while connected.
And the dangers still remain. It’s impossible to check if a Wi-Fi network is safe or not and you’ve no reason to trust anyone else who’s connected to it. You might be sitting in your local library and connect to a network called ‘Library Wi-Fi’, but that network could be run by criminals who have cleverly given their rogue Wi-Fi hotspot a name that might sound official.
Data-protection laws mean that spying on Wi-Fi networks is illegal, but the technology to do so is freely available and easy to use. In 2012, we demonstrated that public Wi-Fi networks were inherently unsafe and that remains true today. Hacking public Wi-Fi networks is easy because of how the internet works. When you visit an unencrypted website (one that starts http://) a connection is made between your PC and the site. It’s a bit like sending a postcard – anything you’ve written can be read by the postman, so you probably wouldn’t write anything personal or sensitive.
The other type of web traffic is encrypted (encrypted sites are prefaced with https://). Websites like Gmail, Facebook and your online bank use a secure connection and this, in effect, puts your postcard in an envelope so nobody can see what you’re doing. But just as someone can rip open a letter that’s not addressed to them, hackers can break this secure connection and grab your passwords, personal information and banking details.
For that reason you should never do anything private on public Wi-Fi. Public networks are fine for checking the news and finding out train times, but private, secure browsing should always be left to a network you can trust.
The Facts of About Public WiFi
- Europe’s top cybercrime police officer has warned people never to do anything private using public Wi-Fi hotspots
- When we created our own dangerous’ Wi-Fi network in 2012, a staggering 85 per cent of people still logged on despite a message warning them that we could steal their passwords
- Data-protection laws make it illegal to monitor Wi-Fi networks in this way, but tools to do this are easy for hackers to find and use