Public Wi-Fi, why should you not use them?
Wi-Fi is often mistakenly thought to be the acronym for Wireless Fidelity, it is however unexceptionally wrong. The technology is known as IEEE 802.11 but as they are not quite user-friendly, a marketing firm came up with Wireless Fidelity, and it serves it purpose until today. As Wi-Fi is continuously upgraded from 54Mbps to 5G, it became an inseparable part of our lives. Electronical devices are invented to be much smarter and compact due to better Wi-Fi connection. Look to your left and right, at least 2 people are on their phone, surfing the Internet or calling someone. Want to know something? Google it. Want to buy something? Shopee, Amazon, Etsy and many more are at the tip of your fingers. Yet, there are still restrictions on Data Connection and Wireless Network which is that one cannot go beyond its coverage area.
As Internet becomes a necessity, it has grown to be a popular attraction for shops, malls, restaurants, cafes and many more. Just by putting a sign or sticker saying that you provide free Wi-Fi will increase your market presence and ultimately, profitability. Nevertheless, before connecting to such open networks, you should know what you are dipping your legs into, feeling the cold of the water before diving in.
The most common attack is the MitM or also known as the Man-in-the-Middle attack. Its eavesdropping nature is due to the fact that the attacker reads whatever data you send. It could be a message, a purchase, or a simple search. Just so you know, whatever private chat you send using a public Wi-Fi is most probably not private at all.
Besides MitM, Session Hijacking is also another threat. The process is quite similar to the previous attack but instead of just watching the data being transferred from 2 different points, the attacker slips in the middle of the conversation and takes over it. Now instead of you logging into your Instagram account, it is the attacker. Yet on Instagram’s perspective, it is indeed you who are logging in. The account is no longer under your sole access.
There is also Snooping and Sniffing. It is a more sophisticated sort of attack as it normally requires extra resources such as software kits and equipment. Cybercriminals uses them to intercept Wi-Fi signals which ultimately allows them to have full access to your online activity, all of it. From knowing the pages you’ve visited up to your log-in details. This ultimately allows them to hijack your account, all while you freely use public Wi-Fi.
The most deceivable public network attack is Malicious Hotspot and Wi-Fi Honeypots. They are highly similar as they both are hotspots set up by cybercriminals who are ready to pounce on the little sheep who innocently walk through their front gate. Public normally fell for them as they appear to be normal legitimate networks. They might have the same name with the place you’re in, for instance “Goallie Café”. The moment you link or connect to the Wi-Fi, the hackers are able to obtain all of your data. You might think that they are only able to see what’s on your device but that is not true. Even from your phone number and full name, data from all the different sites you logged into are in their palms.
Now, what if your phone battery is less than 10% and using cellular data is too battery draining and have no other option but to use public Wi-Fi? When taking risks, one must always be on their toes and take precaution. Here are some things that you can do to minimize the risks of being attacked by cybercriminals or having your data stolen from underneath your nose.
The best approach to secure net surfing is to use a Virtual Private Network (VPN). Be sure to not use the free ones as they are free for a reason. CLICK HERE FOR MOR INFO ABOUT IT. Using VPN will help keep you anonymous as well as protect your data from getting snooped. Besides that, you should never log into account that hold sensitive information about you, be it personal information such as your identity card number or bank account credentials. You should also not leave you Wi-Fi or Bluetooth turned on when they are not in use. Leaving them open is similar to leaving your front door open.
What you should do when using public Wi-Fi is to always be suspicious of them. Suspect each and every one of them. This might be seen as being too paranoid, but it is better to be safe than sorry. Next, be sure that you visit only HTTPS-enabled sites. CLICK HERE FOR MORE INFO. When you are done with your account, never leave it idle. Be sure that you log out when you are no longer using them. Leaving them open is as if leaving out sugar for ants to come crawling from invincible cracks. If possible, use multi-factor authentication when logging into your account, regardless of how sensitive they are. This reduces the possibility of your account being hijacked.
In a nutshell, public Wi-Fi is as bad as it is good. There are a lot of loopholes and using them makes you much more vulnerable than using your private networks. While business owners might think that installing a Wi-Fi makes them more competitive than their competitors, it also puts their clients and customers at the edge of a cliff. As there are not much awareness being shared about it to the public, many underestimates the threat of public Wi-Fi.
Should You Pay The Ransom in a Ransomattack?
Ransomattacks are similar to kidnapping, but instead of a real person being taken hostage, it is your company data. It might be sensitive data such as clients’ credentials. Of course, given the weight those data carries, companies tend to think that it is easier to just give those cybercriminals the money and receive back their data. However, it is not as easy as it seems.
There is abundance of reasons why companies should not pay their attackers. Here are some of the reasons why you should not give way to them.
The ultimate reason to not pay the cybercriminals with what they want is because the attacks will return. With every attack, the amount of money demanded will increase. According to Security Week, around 40% of victims pays the second ransom while a quarter of them paid a third ransom. If there were to get attacked again, only 1% would actually pay.
If your company is very protective with data, it would mean that the files are stored after they are encrypted hence, you might actually be paying a clown. The hackers might be able to even decrypt your files and is only putting up a show. Bluffing with confidence are what makes the weak look strong. By paying them, you not only will be wasting your money but also degrading you IT technician, programmers and computer engineers who have worked hard to protect sensitive company information and files.
Furthermore, paying ransom does not guarantee that your stolen data will be 100% restored. According to Gartner.com, only 65% of data are recovered on average. And even if you received back your data, they might already be corrupted, thus, no longer usable. The money you paid will all go down in vain.
Last but not least, paying ransom is the same as funding criminal activities and could lead to civil penalties. The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) imposed civil penalties based on strict liability if any were to engage with a sanctioned individual. Strict liability means that regardless of whether they know the person is blacklisted or not, if they did engage with him, they are held liable.
In short, ransomware can be seen as life threatening. It is crucial that companies establish prevention methods in the case that they might get attacked. Still, people love to learn from their mistakes rather than prevent those mistakes. One should take more preventive measure to ensure that no resources are wasted on criminal activities. Paying ransom in a ransomware attack is something no company should do, for you, your clients, your employees and the rest of the public.
If you want to improve your company’s cyber security, you may contact us directly @ 0135969393 & for more details and follow our official sites for more updates.
Website : https://ronasnetwork.com/
Facebook : facebook.com/rnsmalaysia
Instagram : instagram.com/ronas_networ
RONAS NETWORK & SERVICES
Company No.: IP0502192-A
G-02, Tower A, Cyber Bistari (Hyve), Jalan Impact, Cyber 6, 63000, Cyberjaya, Selangor
Mobile : 6013 – 596 9393
Email : admin@ronasnetwork.com.my