I like convenience as much as the next guy but I also exercise caution whenever I see the word “free.” Why? Because for me, the old adage “You don’t get something for nothing” has rung true too many times. In today’s world, I become particularly suspicious whenever I see the words “free” and “Internet” together and so should you.
A recent study by Airtight, an intrusion prevention systems vendor, underscored the significance of my concern. This company wanted to look at the risks business travelers face when using unsecured wireless access points while in airports. They found that only 3% of travelers were using a VPN (virtual private network) to encrypt their connection. The rest were simply sending usernames, passwords, and who knows what else in clear text which can easily be captured thereby exposing the traveler’s data, online accounts, the laptop itself and even their office network to an attack.
Worse yet, the company reported that on average 10% of the laptops detected in the 14 airports that were investigated were infected with viral peer-to-peer Wi-Fi networks. Not only is this select group of travelers now vulnerable to identity and data theft, not to mention having control of their laptops compromised (think botnet), but they also expose anyone who unwittingly connects to the viral network to these same risks.
The take away is that one should never connect to an unknown ad-hoc network (the icon with two laptops) particularly if it says “Free Internet,” “Free Public Wi-Fi,” or any number of other labels. Just because a connection claims to be Verizon, Jet Blue, or US Air doesn’t mean that it’s legit. In situations like this, assume that if the connection is free it is also likely fake. The other learning is to never connect to the Internet absent a VPN connection. Why take the risk with your personal information as well as your client’s?