Friday, March 1, 2019

How a VPN Keeps You Safe When Using WiFi

By: David Schuchman
       Princeton Technology Advisors, LLC


Nowadays, WiFi hacking is a common occurrence. Whether your mobile device (PC, tablet or smartphone) is connected to the internet via a private or public WiFi, your connection to the internet may not be as secure or private as you may think. When using WiFi you are vulnerable to theft of your data, or worse - your personal information and finances. 

Your Internet Connection
When in or outside of your home, you connect to the internet via a router. Most home routers have built-in WiFi, and most stores and offices have WiFi added to their network. Since a WiFi service can cost $40/month or more, or you may be asked to pay an hourly charge to connect in public, it's not uncommon for people to search for and use free WiFi.

The features that make free WiFi desirable for you also make it desirable for hackers. That being, it requires no authentication to establish an internet connection. And, it may easily be hacked (illegally accessed) to gain access to the online users. Not taking the necessary precautions can lead to lasting harm. For mobile devices, the harm is digital: the theft of your personal data, such as passwords, financial information, and private documents, pictures and videos.

How Hackers Get Access to Your PC Data
The most common method of attack is known as “Man in the Middle.” In this method, internet traffic is intercepted between the end-user’s device and the destination by making the victim think the hacker’s machine is the access point to the internet. In this case, you log on to the free WiFi at your location thinking you’re joining the provider's network. But somewhere nearby, a hacker is broadcasting a stronger WiFi signal from their laptop or smartphone. They trick you into using it by labeling it with the location's name (e.g. Library Free WiFi). Recognizing the name of the location where you are, you innocently connect to the hacker’s network. As you surf the web or do your online banking, all your activity is being monitored and even captured by the hacker.

Also, if you use the location's actual WiFi, it is often unsecured and vulnerable to a hacker's intrusion. Even WiFi that requires a password can be hacked when the hacker uses a password hacking tool.

Although antivirus protection and firewalls are reliable methods of cyber defense, they are useless against hackers that gained access to WiFi networks. That's because the hackers are not using virus software to gain access to your devices. You willingly connect your device to an unsecured network essentially allowing the hacker to look at what you are doing.

I read a nice analogy of how theft occurs when you are using public internet. Imagine you are walking on a crowded sidewalk or in a busy mall. You just left one place and you're heading to your next destination. Lots of people are walking around you. While you feel safe, you accidentally bump into another person. While you did not intend to bump into that person, they may have intended to bump into you. The end result is that person picked your pocket.

What is a VPN?
With a Virtual Private Network (VPN), you create a secure, encrypted tunnel between your computer and a remote VPN server. The data is essentially gibberish to anyone who might even be able to intercept it. A VPN will also protect you when you inadvertently connect the the hacker's WiFi.

So, consider the same scenario about the crowded sidewalk. In this case, before you leave to go to your next destination, you initiate a tunnel that lets you walk privately and securely alongside the other people. Nobody can get into your private tunnel while you have it turned on. Even if they can see you are in your tunnel, they can't see who you are. So, nobody can "pick your pocket".

A VPN can be either hardware or software. For most personal devices, the VPN is a software application or app. For a medium to larger computer network, the VPN may be its own network appliance or software within another network device.

How a VPN Protects You
To become protected by a personal VPN, you typically subscribe to a VPN software service. You pay for a subscription monthly or annually, usually at a cost of a few dollars per month. Many of the VPN providers offer a big discount for your initial subscription. Some subscriptions cover one device, others cover multiple devices. Once you install the software on your device, here's what you do when on public WiFi:
  1. Using your device, find and connect to the public WiFi, even if it is completely free and does not require a password. That establishes your internet connection.
  2. Now that you have an internet connection, start your VPN app.
  3. Follow the VPN app login instructions. That will connect your device to the VPN service and establish the secure VPN tunnel.
You may now surf the web securely.

VPN Providers
While I will not recommend any specific VPN app providers in this post, here is a list of a few of the popular VPN software, as per CNET: NordVPN, ExpressVPN, Hotspot Shield, PureVPN and CyberGhost VPN.

Alternatives to Using a VPN
If  you don't yet have a VPN service, consider these steps to reduce your risk of a security breach when using public WiFi:
  • Don’t use public WiFi to shop online, log in to your financial institution, open your email, or access other sensitive sites - not ever! While hackers may see your activity, at least they won't see your means to access data.
  • Implement two-factor authentication when logging into sensitive sites. That way if hackers have the passwords to your online banking, social media or email accounts, they won’t be able to log in. The online account service will send your device a code (the 2nd level of authentication), but not via the internet (e.g. a text message) to confirm your access.
  • Turn off the automatic WiFi connectivity feature on your device so it won’t automatically seek out and connect to public internet hot spots.
  • Turn off your Bluetooth connection on your device when in public places to ensure others are not intercepting your transfer of data.
  • Acquire an unlimited data plan for your mobile devices. Then, use the device's cellular data plan for your internet activity and stop using public WiFi.

The more you take your chances with using a public WiFi connection, the greater the likelihood that you will suffer some type of security breach. The better you protect yourself, the greater your chance of minimizing the potential damage. Using a VPN is a very reliable way to minimize the risk of a data breach when using public WiFi.


Click HERE to contact David regarding this or any other blog post. In addition, we welcome comments which you can enter below.

No comments:

Post a Comment