The Dangers of Unknown Wi-Fi Networks During the Coronavirus Lockdown

The Coronavirus pandemic has changed the world quite significantly in a very short time, especially in terms of working conditions and the availability of certain services. Millions of people around the globe are now being allowed to work from home, which means they spend much more time on the Internet.

To make matters even more interesting, the various quarantine and social isolation methods put in place by governments result in people staying inside for extended periods. Obviously, there’s not much to do at home that doesn’t involve an Internet connection, be it gaming, watching TV shows on streaming platforms, or consuming content on various news websites and social media platforms.

While this sounds fine and dandy in theory, the problem is that many more people are now being exposed to various online threats, given the fact that their company’s firewalls or Internet filters no longer protect them. Not only that, but there are also a lot of disinformation going around right now, which makes things even worse.

Besides, Wi-Fi networks have to handle the bulk of this traffic surge, given the fact that most people have to work on laptops, which are designed to be mobile and not require a cable connection. Unfortunately, there are a lot of risks and dangers associated with Wi-Fi networks, which is why it’s a good idea to read on the subject and document yourself regarding the best practices and the most common security issues.

Before worrying about what could happen if you connect to an unfamiliar Wi-Fi network, it would be a good idea to avoid doing so entirely. In essence, your risk factor should be much lower considering the circumstances, given the fact that you are most likely not going out to coffee shops, hotels, or restaurants these days, where hackers are usually most active.

However, your devices at home can pick up Wi-Fi signals from all around your apartment building, some of which may be malicious. If you own a router and an Internet connection, then there really shouldn’t be any reason to connect to any other networks, and it’s also wise to set up your devices to never auto-connect to open networks either.

In fact, this should be one of the first steps when trying to secure your devices, since many phones and tablets automatically connect to the first hotspot that doesn’t require a password. Hence, it’s definitely worth the time to check all of your settings and make sure that you are only using your network, which eliminates all the other associated headaches as well.

However, if you are still curious about the dangers of unknown Wi-Fi networks, here is what can happen if you don’t take the necessary precautions.

Hackers Can Steal Your Passwords and Data

The way Wi-Fi scams work is pretty simple: Your device connects to the network, you start browsing the Internet and inputting passwords or other account credentials, and all of your traffic is relayed to the attacker’s computer in the background. Naturally, the technical aspects are a bit more complicated. Still, it’s really not that hard for someone to set up such a network, and it’s also not very difficult to use tools like Wireshark to analyze data packets.

You can also think of these attacks as being analogous to keyloggers because the final result is the same. In essence, everything you type on your laptop, phone, or tablet is being relayed to another computer, thanks to the unknown Wi-Fi network that does not offer encryption for your traffic.

It’s possible to get away with it if the websites you use have HTTPS enabled because the data you input there will be encrypted regardless of your Wi-Fi settings, but that’s a gamble you definitely shouldn’t take. Not only that, but the hackers can use the unsecure connection to infect your computer with actual keyloggers, which would make even HTTPS useless.

Your Device Can Be Infected with Malware

While some attackers will be happy just to have your passwords and account credentials, others are much more bent on creating chaos and destruction, which is why they also infect your devices with malware. This is not limited to your desktop or your laptop either, given the fact that your phone and tablet are susceptible to all sorts of malicious software as well.

There are a plethora of malware types that can be used in such an attack - ranging from annoying (such as pop-up ads or unwanted browser add-ons), to downright destructive, such as viruses that can keep your CPU at 100% and disable various system security measures, resulting in defective hardware.

Naturally, this is not a good time for your PC to break down, especially if you use it to work from home. Besides the fact that you won’t be able to do your job, it’s also challenging to find a computer repair shop during quarantine and lockdown. Also, computer parts may be unavailable or severely overpriced for a while, so you are definitely going to have a hard time if anything goes wrong with your hardware.

There are some measures you can take to mitigate these risks, such as using antivirus software. Even the integrated Windows Defender can do a great job, and it’s also highly recommended that you do not mess with Windows’ UAC functionality since that can put you at risk.

Blackmailers Can Encrypt Your Drives with Ransomware

Another thing you expose yourself to when connecting to an unknown Wi-Fi network is the possibility to fall prey to a ransomware attack. If you are not familiar with the concept, this means that all of your storage drives get encrypted by the attacker, making them virtually inaccessible unless you have the correct encryption key. As you may have guessed, the attackers ask for money in exchange for this key. Otherwise, you won’t be getting your data back.

Under normal circumstances, a ransomware attack is only effective if the data on the device in question is truly valuable to you. Thus, while it is indeed impossible to recover the encrypted data without the key, a simple full-drive format gets rid of the problem - at least as long as the attacker doesn’t come back to do it again later on.

As a side note, it’s worth pointing out that some viruses can infect your boot sectors. What this means is that the virus can survive a format and OS reinstall, because the data from the boot sector is usually not deleted in the process, at least not automatically. Hence, in the case of Windows, a manual MBR reinstall is recommended as well, just to be sure.

Getting back to the point, this can also put your company’s private data in jeopardy. Not only that, but you may be liable for any data loss resulting from the attack, which is why formatting the drive is not an option in such cases.

Granted, serious companies should have multiple backups on secure servers, but then again, you don’t want to risk it. Furthermore, even if you do not lose any essential company data, you may still lose hours of work if you have files that haven’t been uploaded to your company’s servers.

Your Computer Can Be Assimilated into a Botnet

Sometimes, hackers have long-term plans for your computer after infecting it, which means they try to make the malware virtually undetectable until they need your resources. Thus, once you connect to an untrusted Wi-Fi network and the attackers gain access to your device, they simply infect it with malicious software that buries itself deep into your operating system, lying dormant until further notice.

In essence, this allows hackers to make use of your computer for nefarious purposes whenever they need it, such as conducting DDoS attacks on various servers and services. Once enough devices are hijacked this way, they turn into what’s called a botnet -this is a network of compromised computers all over the world, used in parallel for all sorts of attacks.

The worst part is that such malware is very difficult to notice without proper antivirus software, mainly because your system seems completely fine most of the time. However, once the attackers call up on your system, your CPU usage skyrockets, making your OS slow down to a crawl.

Your Computer May Be Mining Bitcoin in the Background

Speaking of high CPU usage, unknown Wi-Fi networks also expose you to Bitcoin-mining malware. Just like botnet viruses, these attacks do not make a big fuss most of the time either, which means that they are also tough to notice if you do not pay close attention to your resource usage.

Instead of being used for remote attacks, however, your computer’s CPU or GPU can be used for Bitcoin mining instead. This process is very compute-heavy, which means that your system loses performance if you try to use it for various other tasks, such as working, playing, or watching movies.

The worst part is that high CPU and GPU usage usually means high power consumption as well, which in turn results in a higher electricity bill. On top of that, some Bitcoin mining malware is also smart enough not to use 100% of your computer’s resources, which makes it that much harder to notice, and it also means that you are likely to blame it on something else.

Your typical laptop or workstation is usually not powerful enough to be efficient in terms of Bitcoin mining, which is why you wouldn’t do it for yourself. On the other hand, attackers rely on the fact that they can infect millions of devices at the same time, which adds up to quite a bit of processing power, especially since they are not paying a dime in the process.

Keep in mind that these practices are not limited to untrusted Wi-Fi networks. It can afflict you in a variety of ways, and there are plenty of apps out there that do this behind your back. Thus, it’s wise to keep an eye on your CPU usage from time to time.

Attackers Can Gain Access to Your Company’s Servers and Assets

If you are working from home, trusting an unknown Wi-Fi network while working with company assets or data is one of the worst things you can do. Besides putting your security at risk, you are also risking your company’s servers in the process, given the fact that attackers can gain access to every company account you are using.

If your work requires you to log into various online platforms or private servers, the hackers can use your credentials and cause significant damage. It is not something you want to be held responsible for, especially if the attackers end up deleting sensitive files or bringing down entire networks worth millions.

This also applies if you are a coder and you work with private repositories on Github or GitLab since there’s nothing worse than having your company’s source code files leaked online. Besides the fact that these files can be used to clone your company’s product in record time, they can also be used to find vulnerabilities and exploits.

You may not even be aware of the leak if the attackers are smart about it. This is exactly how zero-day exploits work, especially since no one but the hackers is aware of the exploits, which makes it impossible for your company to prepare against them.

On the other hand, we’d like to believe that programmers are smart enough not to trust unknown Wi-Fi networks, although that’s never a guarantee.

Your Work Computer Can Turn into a Long-Term Liability

At this point, you’re probably thinking that this issue is only going to be necessary for the duration of this crisis and that everything will go back to normal once the lockdown and the quarantines are over. However, depending on the type of malware your work computer contracts now, it can turn into an even bigger problem down the line.

In short, dormant malware like the ones mentioned previously can go undetected for weeks or even months, which means that you probably won’t have any reason to run security checks on your work computer. Thus, once the crisis is over and you return to the office, your laptop will once again connect to the private work networks as usual.

Obviously, this can have catastrophic effects later on, because that malware can now infect your company’s entire infrastructure. It includes all the other computers in the network, as well as all the servers and other devices sharing the network. Once this happens, your company will have to spend a lot of money to get rid of it, which is something you do not want to be responsible for.

A Bit of Advice

With all that in mind, it's understandable to be a bit scared when it comes to your computer's security, especially since you may also be responsible for various work devices throughout this period.

However, staying safe is not as difficult as it sounds, which is why there are a few simple rules you have to keep in mind while using Wi-Fi networks and avoiding other online threats. Hence, here are a few guidelines that should be easy to follow for everyone:

1. Do not, under any circumstance, connect to an unknown Wi-Fi network. There's really no reason to do it, and it's by far the easiest method to avoid any unpleasant situations. This applies to both your personal devices and your work computer.
2. Configure your devices to never auto-connect to open networks. This is a crucial step because it doesn't matter how careful you are if your devices connect to unknown networks behind your back.
3. Use a VPN solution. VPNs are designed to encrypt all of your web traffic, which includes Web browsing, and any other work-related apps you may be using. Speaking of which, you can also check out our article regarding the reasons why you should invest in a VPN if you are working from home. Furthermore, you should also read up on how VPNs can help you access better information during the Coronavirus lockdown.
4. Use a password manager to log into your various accounts. It saves you the trouble of having to type out your credentials every time, while also keeping your passwords safe and encrypted. This is also an effective solution against keyloggers since you never have to touch your keyboard to log in.
5. Use antivirus software to keep your system safe. Besides receiving warnings whenever something fishy is going on, it's also a good idea to perform regular scans every now and again, just in case something gets past your security measures.
6. Don't let anyone access your work computer, not even friends. This should go without saying, but it's definitely not a good idea to let someone use your work laptop, with or without your permission.

Final Thoughts

As you can see, there are a lot of reasons why connecting to an unknown Wi-Fi network is not a good idea, regardless of the circumstances. However, this is now a much more significant concern, given the fact that many people are now forced to work from home using their work computers, which usually carry sensitive and private data.

The worst part is that not all malware makes itself visible right away, which means that you may not even notice that something terrible has happened until it is too late. Thus, a simple mistake can put your company’s entire infrastructure at risk, even if all you do is connect to a seemingly regular Wi-Fi hotspot.

Furthermore, you should remember these dangers even after this lockdown is over, especially since by then, you will also be carrying your laptop and phone to coffee shops and hotels, where the risks are much higher.