by Adv. Lufuno Khorommbi, Cyber Law Consultant and MD: Orizur Consulting Enterprise
Did you know that using public WiFi increases your online vulnerability? Public WiFi comes as a great relief to many internet users since it relieves them from the burden of having to pay for data to access the much-needed internet services. These free services are conveniently available in public places like airports, restaurants, hotels, malls, etc in that promoting amongst others users’ productivity and mobility.
Whilst there are undisputed advantages of using public WiFi, it is not without risks. Public WiFi comes with a number of security risks that increases internet users’ online vulnerabilities. One of the major risks is that anyone connected to the same network can access your personal data without your knowing about it. This is because the security of these networks is very poor, if at all existent, to be relied upon.
Public WiFi potentially gives hackers ability to position themselves between you and the connection point. Instead of you sending your information directly to the hotspot, you end up sending your personal information to the hackers. Also known as the Man in the Middle attack. Though some places like libraries do supply the login details for users wanting to access their networks. The same login details are publicly available to all the users.
Therefore, it is advisable to never use public WiFi; particularly to access Apps like Bank Apps, emails, social media accounts etc; because you never know who is online.
What other measures are there that can help internet users to minimise online vulnerabilities?
Switching off certain Apps when not in use like Bluetooth and Location is good practice for the reason that hackers are increasingly using personal identifying information to target their victims.
Bluetooth – Bluetooth must be used when it is really necessary, otherwise, it must be kept switched off. Thus, keeping your Bluetooth enabled on the phone at all times opens your device up to potential hacks, abuse, and privacy violations. Therefore, minimizing your Bluetooth usage reduces the hackers unauthorised access to your sensitive information and exposure to online vulnerabilities.
Location – It is essential to keep the location switched off, unless it is in use; because your phone keeps the log of everywhere you go, all the time. Important to note is that location services use a combination of other services to determine the accuracy of your exact location. Some of these services includes cellular data, cell tower location information, and sometimes Wi-Fi, Bluetooth, and GPS (global positioning system). GPS alone does not always provide the exact location because the user may not be in a direct line of sight of a GPS satellite.
The danger of leaving Bluetooth and Wi-Fi on is that both transmit a MAC (Media Access Control) address which can be seen by anyone who is receiving the signal. So even if my device is not connected to Bluetooth or a Wi-Fi network, it is possible for others, particularly the hackers, to determine a MAC address if these services remain switched on.
Take charge of your online safety! Did you know that you can minimize online vulnerabilities?
When we acquire new smart devices, we seem to be more interested in using the device and very seldom concerned about setting up the security of the device. Particularly when we use these devices to store personal information and conduct sensitive transactions.
It is recommended that every owner of a smart device must take care to change security settings to override the default settings, preferably before starting to transact with and storing personal information into the new device. Some of the settings that require changes include but not limited to default passwords and other log in credentials that come with the device, including that of routers.
It is equally important to:
download anti-virus to minimize the device vulnerabilities to cyber-attacks.
set up your social media security and privacy settings.
set up your email spam filter to reduce the number of spam emails you receive, some of which are phishing emails.
hide your device from being visible to others; whilst online.
set up your device to not search for Apps such as Bluetooth, Wi-Fi and or automatically connect.
Recommended behaviour to reduce online vulnerabilities:
always update the device software as and when prompted to do so
a. you can check for updates, or
b. respond to the notification on your device to update the software.
never share your login credentials with anyone, not even your spouse.
similarly, never allow any App or computer system to save your login credentials or remember your login details.
should you wish to give your phone to someone, take care to wipe off the data before giving it to the next person.
be cautious of following links that are offering birthday prices – most are scams to access your personal data. Whatever information you will be filling onto that link will be feeding through the attacker’s endpoint.
similarly, be cautious of responding to job adverts unless you are sure of the origin of the job advert. Just sharing your CV, and attachments including your ID document gives cyber attacks personal information they should not have. You risk your personal safety and that of your loved ones. Some of these job scams facilitates human trafficking.
NEVER publicize your car registration on social media. It is easily traceable to the owner, thus risking your personal safety and that of your loved ones.
make efforts to scrutinize new friend requests for connection on social media. Some of these “friends” are there to use social engineering to gain your trust and access to personal information to your own peril.
be cautious of sharing personal information on social media. Many predators or those who wish you and your family harm can use the personal information you share to determine the pattern of your life to help them determine when and where to physically target you or when you might be on holiday, leaving your home vulnerable.
Remember, the less you share personal information, the less chances of being targeted.
Adv. Lufuno T Khorommbi (Ms) is a specialist Cyber Law Consultant and the Managing Director of Orizur Consulting Enterprise. Her expertise lies in cyber law, cyber security, IT Procurement, Contract Management, Research and Policy Management. She is a Mentee of the Cherie Blair Foundation Global Women’s Mentoring Programme; a Member of South Africa Institute of Intellectual Property Law; a MICT SETA 4IR Advisory Committee Member; LLM specialization in IT Law; Certified in CIO Practice; she holds a Certificate in Cyber Security and a Certificate in Legislative Drafting. Find out more by visiting Lufuno’s website www.orizur.co.za.
More articles by Lufuno