The NSA Warns the Public About Free Wi-Fi

 Thursday, the NSA posted a public announcement warning cybersecurity teams and end-users of the dangers of using free Wi-Fi. They also warned about Bluetooth and Near Field Communications (NFC) as vulnerable protocols that can result in disaster.

Why is Free Wi-Fi Dangerous?

The public is used to working from the local coffee shop, in an airport while waiting for a flight, and countless other businesses that offer free Wi-Fi. Unfortunately, this convenience often comes with a dangerous surprise.

Unsecured Wi-Fi networks like those offered by hotels and other businesses to keep customers happy are vulnerable to hacking and man-in-the-middle attacks. Hackers use sniffers to find open networks and easily take over routers, allowing them to intercept information that passed between the user’s device and the internet.

For example, if someone visits their local coffee shop and connects their mobile device to the free Wi-Fi then accesses their bank accounts, cybercriminals could potentially use keystroke loggers and grab the passwords giving them complete access to the user’s finances. That is just one example of the serious threat when using free, unsecured Wi-Fi.

Bad actors use complimentary Wi-Fi access points to grab user credentials and steal personal information, install malware or ransomware on the user’s device, and commit other types of fraud. Some users may even walk away with spyware on their phone, and now anything they do with it, including sending emails, texts, and logging onto personal accounts, may be watched by a stranger.

How Can Company IT Department Heads Keep End-Users Safe?

Along with the dire warnings about free Wi-Fi, the NSA also covered Bluetooth as a point of entry used by cyber thieves. To combat any danger, the NSA warned the public and IT security professionals to advise their customers and employees to turn off Bluetooth in public places.

Another more worrisome concern is the use of Near Field Communications (NFC) for contactless payments. This type of communication uses radio waves to commit payments using terminals at checkouts everywhere.

Threatpost explains the NFC danger ‘“Radio connected devices represent a huge risk blind spot for organizations,” Norton said. “These are very much the soft underbelly of information security controls –– the majority of energy, focus, and money from a cyber resilience perspective is spent on preventing attacks coming through the internet-connected attack surface. Very little is being done to access the risk from near field radio connections.”’

As a precaution, the NSA also suggested that users turn off NFC when not in use. The security notice also mentioned that “Users should consider additional security measures, including limiting/disabling device location features, using strong device passwords, and only using trusted device accessories, such as original charging cords.”

What Can End-Users Do to Remain Safe?

Unfortunately, even with these emergent warnings from the NSA, most consumers do not take cybersecurity precautions seriously. The problem is that most people are working hard, moving too fast, and taking all this technology for granted. They simply do not realize how close the danger is and how easily someone could drain their accounts with a few missteps.

Although these tips are repeated often, the everyday user cannot do enough to stay safe these days. Tips to secure mobile devices and keep personal information safe are:

• Always use long, strong passwords.
• Never reuse passwords on multiple websites.
• Never click links in email or text messages. 
• Keep robust antivirus software running on all your devices.
• Update hardware and software to include the latest security patches.
• Never connect to free Wi-Fi without a VPN running on your device to mask your IP and protect your data.