The internet has become so ingrained in our daily lives, for employment and personal purposes. It is such an important part of our culture that no matter what you go – a coffee shop, the subway, a sports stadium, a bar – there is a very significant chance of access to wifi. Simply put, WiFi is a means for communication on a network using radiofrequency. The data is passed using antennas and routers. So, unlike hard-wired networks, anyone within a certain distance can access your wifi, potentially leading to security concerns.
There are several methods by which your wifi could be attacked. One popular method is referred to as “wardriving.” This is a method by which individuals drive around neighborhoods and areas to enumerate what wireless networks exist, what type of encryption (if any) is used, password (if known), and any other pertinent information. This information may be chalked or painted to the street or sidewalk or posted to various websites.
In addition, there are many ways in which your password can be decoded and hacked to gain access to your wifi network (and potentially private information about you). Very much like other password attacks, there are simplistic attacks (brute force) and complex attacks. While brute force will eventually work, there are methods to minimize the impact if compromised. It is incredibly important to use complex passwords to minimize the likelihood that this happens to you.
A Denial of Service attack is more of a nuisance than a true technical attack. It is comparable to an extreme brute force attack that overwhelms a Wi-Fi network or assets/nodes on it. However, sometimes the vectors of attack for a Denial of Service are very technical. Many technologies, namely web servers, and websites have Denial of Service protective measures, as the internet can connect to them if they are public-facing.
Whether the wifi is open, public, or customer wifi, it faces its own security issues; none of them are fully secure. Wireless networks in businesses (or customer networks) may contain a password that anyone using that business can obtain. There is no way to ascertain the security of the network or validate that it is in fact the network you wish to be joining. These stores or other businesses have no legal obligation to protect a customer’s device or data. They can also monitor your connections and roam your device for information about you that can be later used for marketing, etc. As with customer networks, there are no legal obligations to secure your device or data in public wifi networks and there is no way to make sure no one can intercept your data.
Nothing is absolutely secure. As an individual, it is good to discuss this with your wifi router provider or the installer so you may access the level of risk and how to mitigate the risks. As a consumer, it should heed a warning as to when and where to connect to wifi.