When you’re pushed for time, it’s easy to think that hopping on your university’s free WiFi hotspot will do no harm, but in reality there’s a chance that doing so couldn’t be further from the truth.
University WiFi represents a fairly unique opportunity for cybercriminals and therefore a unique set of risks for the students and staff that are tempted to connect. Whether you’re providing university WiFi, or simply logging on and using it, it’s important that you fully understand that risks and the measures you can take to mitigate them.
Why is university WiFi a particular problem?
There’s no getting around the issue that public WiFi is dangerous. Finding a network generally isn’t hard; in fact, virtually every coffee shop, fast food outlet, hotel, airport, and mall has free WiFi that you can connect to. The trouble is, when you do, you’re opening the door to a range of possible risks, including:
- Unencrypted networks: The chance that a poorly configured network will allow open access to transmitted data
- Malware: The possibility that rogue programs can infect your device
- Man-in-the-middle attacks: Interception of your data allowing for the theft of sensitive information
- Snooping: Interception of all data crossing a particular WiFi network
- Rogue hotspots: Where you’re tricked into connecting to a malicious network designed to steal your data
But these issues are true anywhere, right? Well, to some degree that is the case, but there are specific factors that make university WiFi a favourite for cybercriminals.
In the first instance, university WiFi is generally easily accessed. With a significant number of buildings and areas, a criminal would have no problem finding a quiet place to work from. What’s more, the equipment needed can be easily disguised. If you sit with a cap on, open laptop and bag of equipment in a mall you may attract attention, but in a university, you blend in perfectly.
Of course, it’s not just finding a quiet area and blending in that helps a cybercriminal access sensitive data. There’s also an increased reliance on public WiFi from university users. For many students, cash flow is tight, so free internet access is ideal. For international students, free WiFi may replace the need for a local SIM and cellular data. Ultimately, university WiFi tends to be used heavily, and that provides a target-rich environment for criminals.
Some worst-case scenarios
At first glance, you might think that a lot of the data we send and receive is useless – but, in reality, it’s not – as criminals often use to it create a bigger picture of you and your online habits.
For instance, you might not be worried about accessing your online banking or PayPal accounts over an unsecured connection – since they’re encrypted services anyway – but, what if a criminal managed to access passwords you used for other websites? In many cases, those passwords will be the same as the ones you use for more secure services – and, you may share information on other, non-secure services that allow that criminal to reset your password – or call the company in question and imitate you.
With just email addresses and the knowledge that you’re a student or staff at a particular establishment, a criminal could create an extremely convincing ploy to access yours or other people’s data very quickly.
How to protect yourself
Free WiFi is a fantastic perk of studying or working at a university, and the good news is it’s not something you need to give up just because criminals may seek to hijack your sensitive data. In reality, all you really need to do is make sure you’re protected from those threats, and that can be very simply done.
Using the right browser
The chances are that by default, each of your devices uses a popular browser; Google Chrome or Mozilla Firefox for instance. While security across these popular applications is fairly good (especially when you choose to ‘always use HTTPS’ security options), there are other more security-focused browsers out there.
It’s worth exploring a good list of best browsers for privacy to make sure you’re using one that perfectly suits your requirements, and, importantly, making sure you’re not using any browser plug-ins that might compromise security.
Using a VPN
Using a Virtual Private Network (VPN) is the ultimate way of evading the attention of criminals – or anyone else who might like to look at what you’re doing online. A VPN creates a secure and private connection between the device you’re using and a server based in a totally different geographical location. Since the data between your device and the server is private and protected, there’s no way your activity can be monitored or tracked.
A good VPN service can work across multiple devices too, so you can be confident that however you send or receive data, it’s being done privately.
Finding good antivirus
While technology will do an outstanding job of stopping a huge number of cyberthreats, there’s always the chance that a momentary lapse of thought could lead to the most common IT security issue – human error. Some of the biggest cyber-attacks have come as a result of human error, and the only way you can be certain they won’t catch you out is to make sure you’ve got a safety net protecting you.
Finding a good antivirus package (that works across all devices you’re likely to access WiFi with) is an important part of staying safe online. Like VPNs, the best and most comprehensive option might not be free. However should you ever find yourself compromised, the small cost involved has the potential to repay itself thousands of times over.
While the chance of cyber-attack is very real, it’s not something you should lose sleep over. In virtually all cases, cyber criminals look for people who have overlooked or not considered the appropriate level of security for their devices. You can make sure you’re not one of these people by following a quick list of dos and don’ts…
- Use a VPN to connect to public WiFi (for all your devices)
- Use a security focused browser and only access sites using HTTPS
- Disable file sharing on public networks
- Find a good anti-virus application for all your devices
- Transmit sensitive data through applications – do so on a website that uses HTTPS instead
- Log onto networks that are not password protected
- Log into networks that you’re not familiar with
- Use the same password across multiple sites or services