		<div data-elementor-type="wp-post" data-elementor-id="562" class="elementor elementor-562" data-elementor-post-type="post">
						<section class="elementor-section elementor-top-section elementor-element elementor-element-64dae73 elementor-section-boxed elementor-section-height-default elementor-section-height-default" data-id="64dae73" data-element_type="section">
						<div class="elementor-container elementor-column-gap-default">
					<div class="elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-8b0dc76" data-id="8b0dc76" data-element_type="column">
			<div class="elementor-widget-wrap elementor-element-populated">
						<div class="elementor-element elementor-element-bdbf00d elementor-widget elementor-widget-text-editor" data-id="bdbf00d" data-element_type="widget" data-widget_type="text-editor.default">
				<div class="elementor-widget-container">
									<p><em><span style="color: #800080;">A short thought piece on the potential cybersecurity risks of using public or unsecured Wi-Fi networks.</span></em></p><p><span style="color: #ff9900;"><em><span style="color: #800080;">Please don&#8217;t assume I have considered all possible risks here, this is only one perspective. ð</span></em><br /></span></p>								</div>
				</div>
				<div class="elementor-element elementor-element-4ff7533 elementor-widget elementor-widget-heading" data-id="4ff7533" data-element_type="widget" data-widget_type="heading.default">
				<div class="elementor-widget-container">
					<h2 class="elementor-heading-title elementor-size-default">Intro</h2>				</div>
				</div>
				<div class="elementor-element elementor-element-c2b96a3 elementor-widget elementor-widget-text-editor" data-id="c2b96a3" data-element_type="widget" data-widget_type="text-editor.default">
				<div class="elementor-widget-container">
									<p>Networking is a complex and dynamic topic, and an understanding of key concepts involved is important to make security decisions based upon it.</p><p>As network traffic moves around a network like from a router to a computer and then to a specific program running on the computer, the traffic is ‘encapsulated’ from the sender and then ‘decapsulated’ by the receivers.</p><p>Network traffic is encapsulated so it can be interpreted by other computers. It is structured using a set of rules all computers on the network understand and these rules are called protocols.</p><p>Think of putting a letter in an envelope, it is a standard size and has an address written in a standard format and the data contained is in a language both parties understand; this is the protocol of sending a letter and computer networks operate is a very similar way.</p><p>Network traffic will be encapsulated multiple times, as data is decapsulated the next layer of encapsulation of revealed and the data is passed to a lower-level system &#8211;<br /><img class="alignnone size-full wp-image-563" src="http://techzilica.com/wp-content/uploads/2022/06/Encapsulation.png" alt="PDU encapsulation on networks" width="375" height="194" /></p><p> </p><p>A VPN is a protocol which your computer can use to encapsulate all internet traffic in an encrypted stream to be decrypted at another location (essentially setting up a tunnel from one location to another with encryption) before being sent to the intended internet location.</p><p>When you connect to a Wi-Fi network, your computer is told information on where to go (the DNS server via DHCP) to convert website addresses (like google.com) to IP addresses. Your computer will accept the data the Wi-Fi network provides on how to look-up domains unless it is set manually and is assumed to be correct.</p><p>A VPN is considered more secure, as all data is encrypted before being sent over the Wi-Fi network. This way if an issue could be exploited in an encrypted protocol the computer uses to communicate, the data could not be read by the malicious Wi-Fi network operator as it is encapsulated/encrypted again by the VPN.</p><p>Network security has significantly improved in the last 5 years. Once, most protocols on the internet did not employ encryption, allowing anybody to eavesdrop on your computer communicating with low levels of sophistication and setup.</p><p>Now, modern and well-developed applications employ encrypted protocols to provide privacy.</p>								</div>
				</div>
				<div class="elementor-element elementor-element-229b7a4 elementor-widget elementor-widget-heading" data-id="229b7a4" data-element_type="widget" data-widget_type="heading.default">
				<div class="elementor-widget-container">
					<h2 class="elementor-heading-title elementor-size-default">Risks &; Solutions</h2>				</div>
				</div>
				<div class="elementor-element elementor-element-778e1b3 elementor-widget elementor-widget-text-editor" data-id="778e1b3" data-element_type="widget" data-widget_type="text-editor.default">
				<div class="elementor-widget-container">
									<p><strong><span style="text-decoration: underline;">Eavesdropping by malicious Wi-Fi network operators – VPN mitigation</span><br /></strong>A VPN is recommended by official government advice when using public Wi-Fi, with a VPN internet traffic is encapsulated and encrypted strongly using one protocol which reduces the attack surface of your communications when connecting to public Wi-Fi; as without a VPN, there are many protocols your computer uses to communicate on the internet which allows more chance for poorly implemented protocols and unknown vulnerabilities in the protocols to cause security breaches.</p><p>The likelihood the type of attack a VPN mitigates is low as it requires high levels of sophistication.</p><p><span style="text-decoration: underline;"><strong>DNS poisoning – Enable DNSSEC mitigation</strong></span><br />DNS is arguably the weakest area when it comes to users accessing public Wi-Fi as it allows for malicious Wi-Fi network operators to redirect internet traffic to domains and preform man-in-the-middle attacks.</p><p>Manually setting the DNS server the computers look to for DNS and employing DNSSEC is the best solution.</p><p>Exploiting DNS is a fundamental part of many public Wi-Fi security breaches due to DNS being old and security focused by default.</p><p><span style="text-decoration: underline;"><strong>Public Wi-Fi – 4G/5G mobile data mitigation</strong></span><br />Government advice suggests using mobile data as an alternative to public Wi-Fi as this mitigates the risk of public Wi-Fi entirely.</p>								</div>
				</div>
				<div class="elementor-element elementor-element-b361e69 elementor-widget elementor-widget-heading" data-id="b361e69" data-element_type="widget" data-widget_type="heading.default">
				<div class="elementor-widget-container">
					<h2 class="elementor-heading-title elementor-size-default">Summary</h2>				</div>
				</div>
				<div class="elementor-element elementor-element-0a38501 elementor-widget elementor-widget-text-editor" data-id="0a38501" data-element_type="widget" data-widget_type="text-editor.default">
				<div class="elementor-widget-container">
									<p>The risk of using public Wi-Fi is lower than years past as networks have become more secure, risks do remain, and it is impossible to eliminate risk entirely with networks.</p><p>There are options available to mitigate different levels of risk which should be applied based off the risk tolerance of the organisation/user.</p>								</div>
				</div>
					</div>
		</div>
					</div>
		</section>
				</div>
		
Technical perspective of risks using public Wi-Fi and how to stay safe
