Reports state that around 22 million adults in the U.S. work remotely. With working from coffee shops and other public workspaces becoming more common, how can mangers ensure employees are working securely whilst connected to public Wi-Fi?
Cloud based application security company, Indusface has told Digital Journal about the worst places to connect to public Wi-Fi, detailing the cybersecurity risks and red flags to look out for.
The worst places to connect to public Wi-Fi:
Restaurants/Coffee shops
Large restaurants or coffee shops see numerous customers pass through their doors daily, all of whom have access to the public Wi-Fi that the venue offers. This open access can leave users vulnerable to hackers who are able to exploit the lack of security in the Wi-Fi network and utilize this to access user data, otherwise known as a MITM (Man in the Middle) attack.
From this, hackers can access information around aspects such as websites that users visit, browsing activity, and more personal information such as passwords and financial transactions. This can leave user logins and other private employee data vulnerable to being stolen by a hacker.
Hotels
Hotel Wi-Fi can prove useful to employees whether on a business trip or catching up on uncompleted work, however, hotel Wi-Fi often provides full public access, meaning anyone can access and monitor it.
Router hacking is just one of the ways hackers can take advantage of open access hotel Wi-Fi. This involves hackers or cybercriminals gaining control of a router in order to take advantage of its vulnerabilities, resulting in access to personal and sensitive information.
This can be a threat to anyone who is on the hotel’s Wi-Fi, as their personal information can become available to hackers using this method.
Public Transport
Despite many employees working in a remote or hybrid capacity, certain roles will still require travel to and from work meetings from time to time, and Wi-Fi on public transport such as trains can be useful if you have work to complete before getting to your destination. Nevertheless, its safety and security can be easily compromised by hackers due to its open access, making it a frequent target for attack.
As such, utilizing Wi-Fi on trains for completing work whilst commuting can leave many employees susceptible to hackers who could gain access to important business data, financial data, or even private and personal information such as logins.
One way hackers may exploit data via transport Wi-Fi is through Malware attacks. This entails cybercriminals interfering with a device in order to gain access to its information. This is common on unsecure networks as hackers can easily access devices when connected to the same Wi-Fi as their victims.
Airports
Thousands of people can use airport Wi-Fi at any time, giving them access to anything they may need, from flight information to completing work before a business trip. Airports are therefore hotspots for cybercriminals looking to target personal information such as passwords or even financial data such as credit/debit card details.
Employees traveling for business should be cautious of business email compromise (BEC). This involves hackers attempting to access email accounts to carry out fraud, such as transferring funds.
Another method cybercriminals may utilise is identity theft or compromising your account. Hackers can intercept data you send over an unsecure network, therefore, any information that you input – such as passwords, could be used to break into your online accounts or even steal your identity via compromised passport information.
Additional steps businesses and employees can take to help protect against cyberattacks
It is vital not only for employees, but for businesses, to ensure that they are adequately protected when using public Wi-Fi. There are numerous methods you can use to do so.
Key advice is as follows:
- Turn off the auto-connect Wi-Fi setting, as this can automatically connect you to open access public networks nearby that may not be secure, and can leave you vulnerable to attack.
- Utilize a VPN (Virtual Private Network), as this can help ensure your data isn’t visible to hackers as it goes through the network you are on. If it becomes visible, hackers can breach your digital privacy and gain access to your private company or personal data.
- Ensure you have anti-virus software installed on your device. This can help protect you whilst using public Wi-Fi, as it has the ability to detect malware that may find its way into your system whilst using the public network. The software will issue an alert to you if any viruses are on your device, if there is any suspicious activity, or attack.
- Perform gray box DAST scans on all your web and mobile applications so that you know the exact risk when the admin or user credentials get compromised. Once you understand the risks, mitigate them on code.
- Implement a Web application and API Protection(WAAP) solution so that when your employee’s endpoint gets compromised, the attacks that originate out of that compromised endpoint get blocked at the WAAP.
Additional data was based on advice from reputable sites such as www.rd.com and www.moneytalksnews.com.