Business travelers along with consumers should forgo public WiFi and opt instead for their cell phone provider's network to ensure increased protection from hackers.
The risks of utilizing public WiFi are innumerable as cyber criminals are watching sensitive financial data such as credit card or banking transactions, hijacking accounts by infecting the user's laptop with malicious malware or stealing identities.
The networks hosted by cell phone providers are more secure and "can be trusted," said Joram Borenstein, a vice president of marketing of NICE Actimize, a New York-based financial crimes software solutions provider.
"The average consumer does not have the technical know-how or the inclination for that matter to analyze a Wi-Fi signal's vulnerability, password strength and encryption protocol such as WEP, WPA or WPA2 that would give them a strong sense of security," he said.
Wireless connections are prone to being hacked relentlessly and choosing a virtual private network (or VPN) prevents sensitive information from being exposed.
"VPNs are an easy-to-use option that many consumers should adopt for their personal devices," Borenstein said.
Using free, unsecured public WiFi at the airport or a restaurant is tempting to quickly change passwords or check your bank account balance, but doing so can prove to be disastrous.
"You should assume it is untrusted and that everything being transmitted across the public WiFi is potentially being watched, collected or that the sites you are attempting to access may not actually be authentic," said Joe Carson, head of global strategic alliances at Thycotic, a Washington D.C. based provider of privileged account management (PAM) solutions.
Hacking into a cell phone provider's network is more difficult because it requires special equipment and the ability to decrypt the data. Gaining access to a WiFi connection means a hacker only needs a computer with WiFi capability.
Cyber attackers can easily redirect users from legitimate websites to ones which are malicious, creating more victims and also infecting their smartphone, tablet or laptop on WiFi.
"They can hijack their accounts to perform financial fraud," Carson said. "It is safer to use your cell phone as a hotspot instead of public Wi-Fi since it is generally more secure and less likely that an attacker is collecting or stealing your information."
Public WiFis Are Always Untrustworthy
When people are faced only with using public WiFi, selecting one that is secure and is password protected is the next best choice to using a VPN. By using the latest web browsers, consumers lower their risk since the security has improved "significantly to detect when a website is untrusted or not the real website," he said.
Not all hotspots are secure, so using your own cell phone as the access point reduces the threat, said Daniel Smith, a security researcher at Radware, a Mahwah, N.J.-based cyber security company.
"If you are going to use your cell phone, I suggest that you do it through tethering versus opening it up as a mobile hotspot," he said.
Updating your devices so that they are utilizing the latest operating system before you head out on a business trip is beneficial. When you are on traveling and not using your devices, Smith recommends disabling the Bluetooth and WiFi options.
"Verify the network's real name when using the hotel's WiFi," he said. "Don't be so quick to trust random WiFi hotspots to just to save a buck on your data plan because it could jeopardize your data."
Attacks from hackers can occur from unsecure hotspots such as the hotel lobby or cafe.
"They can trick data deprived users into connecting and once connected, the attacker can begin running a man-in-the-middle (MITM) attack to obtain sensitive information like passwords and emails," Smith said.
Cellular connections from your phone or a mobile 3/4G connection, are "typically safer than WiFi because it is more difficult to get 'in the middle' of your web traffic," said Ryan Manship, a security practice director of RedTeam Security, a cybersecurity firm in St. Paul, Minn. Hackers would have to "spoof" the point of connection without the person knowing and travelers can easily check their phone or hotspot to see if additional connections are added to the device, he said.
"To execute any real type of MITM attack, the attacker would need to be capable of both spoofing a cell tower and hacking the carrier, which would be a rather sophisticated attack," Manship said. "Always make sure the sites you are connecting to use HTTPS and never ignore warnings from your web browser that the site or connection may be insecure."
A MITM attack occurs when a malicious eavesdropper or the "man in the middle" is able to read the data when you are browsing a website.
"The attacker is typically a link in the chain through which data travels as it goes from you to the website or vice versa and they have been able to successfully impersonate each side to the other, hence getting total access to the communication," said Emmanuel Schalit, CEO of Dashlane,a New York password manager company. "Delete WiFi networks from your devices that aren't yours and make sure to secure your WiFi connection with a unique, private password."
Even WiFi connections provided by a company at a conference can be vulnerable to an attack.
"When using a WiFi network that one is not familiar with, VPNs play an important role in helping to ensure the security and safety of financial and other transactions," said Borenstein. "Keeping mobile apps up-to-date is also important both for stability and security and using anti-malware technology on a mobile device is becoming an increasingly common option for security."
Depending on the number of people attending a conference, the WiFi signals can "collide with each other and essentially make it so no one can use WiFi even if it is from your mobile hotspot," said Janice Ting, a product marketing manager at Netgear, a San Jose, Calif.-based networking products manufacturer.
A mobile hotspot can be a good alternative because once you connect to a mobile hotspot, all of your devices will remain connected and you can avoid logging in again.
"A mobile hotspot is also ideal because of the powerful battery," she said. "I can keep working on the Internet and save the battery life of my phone for more phone calls and texts."