How Secure is WiFi?

WiFi eavesdropping is a way that cyber-criminals can capture personal information by virtual “listening in” on data that is shared on an unsecured WiFi network. The objective is normally to steal login information, especially sites that do not use SSL encryption. Most commonly POP3/IMAP email and FTP connections. Thankfully you bank is likely to use SSL encryption which makes it much more difficult for the cyber-criminal.

WiFi is not secure and there is no encryption on private networks. Hence anybody can connect and read the traffic as it travels. Public networks tend to use web-based authentication but most still do not use encryption. Therefore the user needs to know that they are protected on their private network and know how to keep safeguarded when using public WiFi hotspots.

The tools to ‘listen in’ to a WiFi network are readily available and easy to use. Unless you can connect to a Virtual Private Network (VPN) or a hosted service designed especially for hotspot security such as Hotspot Shield, make sure any sites you visit are secured with SSL encryption. To identify websites with SSL encryption, web browsers will have an https address instead of http. There is also likely to be a pad lock or some other icon. The best advice when using public networks is simply not to browse sensitive information that would be of interest to a cyber-criminal.

Even though you may well have protected your network with a password and only disclosed the password to ‘trusted’ users, anyone on the network can still read all the traffic regardless. The Enterprise mode of WPA2 security requires an authentication server. If you already have a Windows server consider the Internet Authentication Service IAS or the Network Policy Server NPS functionality. Otherwise there are hosted services like Authenticate My Wifi.