Let's talk about those things, which come at no additional cost or we don't pay anything for them, and how dangerous that could be. Go to malls, airports, café, metro stations etc., where lots of such facilities are available.
All physical things like table, chair, food, room etc. are visible, but we cannot see our data and our privacy. On the other hand, hackers are ready to break into our security systems. Unfortunately, those internet thieves are also invisible. This virtual world makes things worst when someone wants to steal our private data. There is so much personal information like our bank details, and other important information in our mobile phones and laptops, which can be scanned by various penetration testing tools to identify vulnerabilities.
Why is public WiFi a bad idea?
When we want to connect to an open network, we send data (information) from our devices (mobile phones, laptops etc.). That data is open and unencrypted, and floats in the air. Internet thieves can collect and analyze the data to meet their goals. Our mobile phones and laptops are equipped with built-in WiFi adapters. That built-in wireless functionality looks for a hotspot. It is not concerned about our data security, privacy, and how sensitive information we want to send and receive. The built-in wireless functionality just helps us to connect to a WiFi hotspot. Its job is to find the strongest internet connection.
You go to a café, where an open network is available. You start the laptop, and then the built-in adapter looks for a WiFi hotspot. There are internet thieves in the same café, who are trying to scan all the active devices. The hackers discover that your WiFi adapter wants to talk to a hotspot. They have already created their own WiFi hotspot, which can be accessed by any mobile phones, laptops, or other devices. There are lots of tools and software programs available, which can capture the packets (the data or the information) that go out of your machine, and float in the air. They are able to capture all those packets, and can store them on the Hard Disk of their machine. These packets include your pictures, URLs, and the websites that you visit. All these things float around in the café, which can be scanned, captured, stored, and then analyzed by the internet thieves.
There are a few things like HTTPS security, network names, SSL certificates, encrypted connections etc., which are designed to protect us. But, we need to understand that hackers are also aware of all these security measures, and they know how to break these barriers.
For example, we connect to a fake 'Free WiFi' access point, which connects us to the hacker's laptop. We start using the free internet. On the other hand, the internet thief monitors our online activities. Whatever we do on the internet, the hacker is able to see it because all the data is being stored on their laptop. If we go to a website, where our Login ID and Password are required. He or she can create a fake website (a clone of the original website), and redirects us to the fake website. We enter our ID and Password, but the website says that the password is incorrect. Next, we are redirected to the original website where we again enter our user ID and password, but this time the website does not say that the password is wrong because we are on the right website. We open the website, and start exploring the stuff. In the meantime, the hacker has successfully stored our ID and password on their laptop.
There are a lot more hidden dangers of using an open network than the above-mentioned examples.
How can we protect us in public (free) WiFi environments?
1. Carefully check the network name (SSID). Please make sure that we connect to a legitimate service. Look around, and talk to the authorities to identify the correct network name. Do not connect to any random access point.
2. If possible, do not access important websites and apps where we need to use our IDs and Passwords.
3. Try to avoid it completely. If necessary, use it for a short time of period.
4. Private WiFi hotspot with our mobile phone data plan is also a good idea. It is quite easy to set up the Mobile Phone Hotspot on WPA2 PSK (Recommended security setting), and use that internet in the laptop or other devices.
5. Do proper homework before using an open network.