You know those stories about public Wi-Fi networks being dangerous?
Yeah, we all heard about that stuff many times, but who would do that in this small cafe where I hang out every day? And, among all of the people out there, who would even bother with trying to hack me?
I don’t know about you, but I remember thinking exactly like this every time I heard these stories about public Wi-Fi threats. That was until I realized that hacking public Wi-Fi is a piece of cake!
Regardless of how unreal or distant they seem, public Wi-Fi threats are there. With the rapid development and increased affordability of programmable electronic sets like Raspberry Pi, public Wi-Fi hacking has never been easier.
Anyone can do it. You can do it! It’s not a big deal at all.
So, it could be about the right time to stop ignoring the warnings and finally protect your online activity on public Wi-Fi networks before you learn it the hard way.
Here, we will give you some tips on how to stay safe and have peace of mind while sipping your coffee at Starbucks (or wherever you are) and doing your stuff on your laptop.
1. Beware and Be Aware
The first and most crucial step is to convince you that these threats are real.
This is the hardest part. It might sound funny, but no joke.
Not many people know too much about hacking and how all that networking stuff works behind the ‘curtains’…
All you care about is getting your coffee, connecting to the internet, doing your stuff, and enjoying your time, right?
And then, when you hear these stories about the ‘public WiFi threats’; that phrase, that word sounds somehow mild. Like there’s just some kind of threat, and that’s it. Like it’s far away or does nothing.
Well, that threat has a name, and it’s the hacker. Once you call it a hacker, it starts to sound a bit more serious.
Let’s try to explain this real quick: It’s 2021. Anyone who can use Google and buy an 8-dollar Raspberry Pi can hack most public Wi-Fi networks out there. So, anyone can be a hacker.
This is real. It’s also alarming.
But, unless you are obsessed with networks, you don’t think as hackers do. And you don’t want to. That’s good, but it’s also bad. Because if no one thinks about security, then there is no security. And you would be surprised how often this is the case.
Moreover, we are used to thinking that hacking requires plenty of effort and skills. But the fact is that hacking through public Wi-Fi networks can be easy, and you don’t have to go to the dark web or anything like that to learn it. Actually, you don’t have to go any further than YouTube. It’s that easy.
Hacking into Phones Over Public Wi-Fi with Python
So, How Do They Do It?
Essentially what hackers usually do on public networks is mess with your laptop’s connection with the router.
Hackers can quickly set up devices armed with some publicly available hacking code to trick your laptop into ‘thinking‘ that they are the router, and at the same time, trick the router into thinking that they are you.
In other words, they become like small local ISPs (internet service providers) on that local network.
They act as a middleman between you and the public Wi-Fi router. They redirect all of your device’s communication with the router to their hacking device before they let you get to the internet and vice versa.
Once hackers have this kind of setup, you are handing out all your private information regarding your online activity into their hands.
In this kind of environment, they can record all of your online activity. While plenty of it will be somehow encrypted, you can bet that some of it won’t. And this is where they wait for their opportunity. Patiently.
They might be sipping their coffee next to your table while waiting for their stuff to do the work! Even worse, they could be doing this from the apartment just across the road or from far away.
And even if your online activity is entirely going through SSL encryption, it’s still not that hard to hack that as well.
What we described above is just a tiny insight into what’s going on there. And it is also just one of many ways of hacking on public Wi-Fi networks.
Which Data Can They Get?
It depends on how lucky or unlucky you are at the time. Still, in the best-case scenario, they can obtain plenty of information about you that can be used for other kinds of hacking attacks later on.
However, it’s not an exaggeration if we say that all of your traffic might be logged and monitored and that your passwords are in danger. Even if you are visiting websites with valid SSL (HTTPS) encryption, and don’t forget, anyone can do this with minimum effort.
Hacking into Someone’s Phone is Easy
2. Get a VPN
Long story short, if you want to use public Wi-Fi and feel safe, VPN is probably the only way to go.
Once you fire up your VPN, you pretty much become invisible to hackers on public Wi-Fi networks. Well, at least to most of them…
One of the most common selling points for VPNs is the promise that you will be able to access blocked content on YouTube, Netflix, change your IP address or browsing location, and do all that cool stuff.
But this is not the main reason why VPNs exist.
VPN helps with security when connected to public Wi-Fi networks by adding another layer of encryption to your internet traffic. So, as soon as you connect to the public Wi-Fi router, a tunnel of encrypted connection is set up between your device(s) and the VPN server.
After that, the only thing that hackers can see is that you are using a VPN.
VPN will even hide your activity from your ISP at home. So, your ISP won’t be able to track you directly as well.
Are you completely safe if you are using a VPN?
It depends on what you are trying to hide and from whom, but you are definitely ‘off the market’ for 99% low-level public network attacks.
Remember that you need to pick your VPN wisely since you are giving all of your internet traffic data to the VPN provider company. VPN companies can still log, reveal or sell your data.
Whatever you’ll be hiding from hackers by using VPN, you’ll be handing it willingly to the VPN provider company.
It doesn’t sound great, but this is the only way to go if you want to stay safe on public Wi-Fi.
3. Set up Your Firewall to Block All Non-VPN Traffic
Let’s say that you finally got that VPN, and you have it up and running on your laptop right now. Can you still get hacked even if you use VPN?
Even though you will minimize your exposure drastically just by using a VPN, you are still not completely safe on public Wi-Fi.
Let’s say that you just walked into Starbucks, got your coffee, and found a perfect spot to sit next to the window with a beautiful view. You pull your laptop from your bag, and you are finally ready to answer some emails, watch some videos and enjoy your time.
You got that VPN up and running, so you feel safe. Nothing can go wrong, right?
Well, it still can…
As you turn your laptop on, there is a critical time between your laptop connecting to the public Wi-Fi and your VPN client establishing an encrypted connection with the VPN server.
This can last just a couple of milliseconds. However, hackers could still be able to obtain plenty of your private data during that time, and even get some of your passwords in a snap of a finger, just like that!
Any app on your device that connects to the internet instantly is at risk in this case.
For example, email or instant messaging clients will instantly connect and check for updates, notifications, etc. This can happen before an encrypted connection tunnel is established between the VPN client and the server it is connecting to.
You can set up your firewall to get protected from this to block all non-VPN traffic. But this can be a bit complicated to do, depending on which VPN provider or operating system you use.
So, we will just briefly explain here how it works. You could additionally try to contact your VPN support to help you set this up. Even if they ask you to pay a one-time fee for help with this, it’s worth it.
Basically, you want to block any outgoing or incoming traffic except for your VPN. If you manage to do this successfully, you’ll be pretty much invisible to hackers.
But we’re not done yet.
4. Make Sure to Turn on Your VPN Kill Switch Feature
Suppose you managed to set up your firewall correctly. In that case, you might not need to worry about using this feature at all.
But as this is something easy to set up, you can add it as another layer of security. Just in case your firewall stops working or anything similar.
VPN kill switch feature is used to protect your data from being exposed in case of a sudden VPN connection drop.
This feature works as a VPN connection monitor. As soon as it detects that your VPN connection has dropped (which can happen from time to time), it will instantly block your entire operating system or certain apps from connecting to the internet.
So, this essentially works as a safety net if there’s some temporary issue with your VPN server. It prevents your laptop from connecting back to the public Wi-Fi unprotected.
5. Turn Off the File-Sharing Feature
Even with a VPN fully set up, as described above, you still might be in danger on public Wi-Fi. There is one final thing to do before you can finally get back to sipping your coffee and enjoying your time.
You need to make sure your file-sharing feature is turned off.
You don’t even have to be a hacker to exploit this feature. For example, someone could unintentionally stumble upon your shared folder on public Wi-Fi and if your file-sharing feature is not turned off, they could see whatever you have shared there.
But this one is really easy to do. Just turn off the file-sharing feature whenever you don’t need it.
Enabling/Disabling File Sharing on Windows
Enabling/Disabling File Sharing on macOS
6. Don’t Use Public Wi-Fi At All – Use Your Phone’s Hotspot Instead
All of the tips we listed here so far will increase your online security massively whether you are connecting from your home or through free Wi-Fi in your hotel room, on the other side of the world.
However, if you don’t travel too much and if you have a data plan on your phone, there is one legit way to skip all of the steps above and still stay safe.
Yes, that’s right, if you don’t feel like doing all of the stuff we listed above, you can still do this one thing instead that can give you almost the same level of security.
And this is very simple. Just don’t use public Wi-Fi at all.
It’s 2021; everyone has a smartphone with a data plan on it. If you have that, just set up a hotspot on your smartphone and use that instead of public Wi-Fi.
You see, if you don’t have VPN, free public Wi-Fi, even if it’s way faster than the internet you have on your phone, given how unsafe it is, is not worth it.
So, even if the internet speed on your phone is a bit slower than the public Wi-Fi, it is still better to use.
Are you completely safe while connected to your own hotspot?
Yes, if you set up a password-protected hotspot on your phone, you can freely connect your laptop to it and use your phone’s internet.
This way, your laptop won’t be participating on the public WiFi network, and you will be far away from the threats we described above. However, make sure that your hotspot password is fairly strong and don’t use something easy to guess.
Even though we use the internet every day, many people still know too little or nothing about online security. We often tend to forget that rapid technology development works for hackers as well.
It’s never been easier to become a hacker. And one of the easiest ways for hackers to steal data is to exploit public Wi-Fi networks.
Still, public Wi-Fi hotspots are widely used. For example, it’s not uncommon to see people literally pushing each other in Starbucks to get a free table and do stuff on their laptops.
What’s even worse is that many people think they are completely safe.
Here, we explained how public Wi-Fi threats are real, and we gave you some solutions to this problem. If you implement everything we listed above, you will be totally off the market for this kind of attack.
You will also learn a lot about online security in general. It’s not that hard, and it has become mandatory given how often we do stuff online.
Q: Can hackers monitor SSL traffic on public Wi-Fi networks?
A: Unfortunately, yes. Browsing only SSL (HTTPS) secured websites on public Wi-Fi won’t really protect you from hackers. While it’s true that it is way easier to hack non-SSL browsing, it’s still fairly easy to do this even if you only browse SSL-protected websites.
SSL itself is hard to encrypt, but it is not hard to bypass once the hacker makes a setup where they act as the router.
This is known as the ‘Man in the middle’ attack, one of the most common ways of hacking public Wi-Fi networks. This is done that way that hackers use a device that acts as a fake router, tricking or forcing the target’s device to connect to that device. In this case, the SSL session from the targeted device is being terminated on the hacker’s router. This way, hackers can capture unencrypted data before they get to the final destination, i.e. the server. Of course, the same setup works when the target is receiving data.
Q: Is password-protected public Wi-Fi safe?
A: Not at all. It’s still public Wi-Fi, and anyone can get that same password easily.
So, if anyone can get the password, it is pretty much the same as there’s no password.
Password protection only helps to stop hackers from entering the network. But if they have the password, they can do whatever they would be doing on open Wi-Fi networks.
Q: Will private browsing protect me on public Wi-Fi networks?
A: Private browsing won’t protect you on public Wi-Fi at all. If you think that going into the incognito mode will prevent possible attacks on public Wi-Fi networks, it just doesn’t work that way.
Private browsing is meant to protect you from websites collecting data about you, and it can help when you are sharing your device with someone else in regards to storing your browsing data. But it won’t protect from the other kinds of attacks mentioned above in any way.
Q: Will antivirus programs protect me from public Wi-Fi attacks?
A: No, they won’t. Public Wi-Fi attacks are usually done completely off the target’s computer. Hackers don’t have to deal with the target’s device at all because public Wi-Fi hacking is usually done by simply intercepting the targeted device’s communication with the public Wi-Fi router.
The only case where it could help is if the hacker is trying to exploit the file-sharing feature on the targeted device.
Hey, I’m Jeremy. I hold a bachelor’s degree in information systems, and I’m a certified network specialist. I worked for several internet providers in LA, San Francisco, Sacramento, and Seattle over the past 21 years.
I worked as a customer service operator, field technician, network engineer, and network specialist. During my career in networking, I’ve come across numerous modems, gateways, routers, and other networking hardware. I’ve installed network equipment, fixed it, designed and administrated networks, etc.
Networking is my passion, and I’m eager to share everything I know with you. On this website, you can read my modem and router reviews, as well as various how-to guides designed to help you solve your network problems. I want to liberate you from the fear that most users feel when they have to deal with modem and router settings.
My favorite free-time activities are gaming, movie-watching, and cooking. I also enjoy fishing, although I’m not good at it. What I’m good at is annoying David when we are fishing together. Apparently, you’re not supposed to talk or laugh while fishing – it scares the fishes.