Connecticut Office CALL US AT (203)-295-5050 | New York Office (646)-693-1950
Home - Article

Featured Article

September 17, 2019

Hey New York, Is it safe to Use Subway WiFi? Probably Not


We’ve all been there. We’re taking the 4,5 or 6 train downtown – perhaps to Wall Street. Maybe our journey started on a Metro North train from Stamford, Connecticut and passed through Grand Central Station or perhaps, we live in the city and walked to a subway station. Whatever the situation, we know the feeling of having important work to do with no wireless connectivity besides WiFi. So we log onto the subway WiFi in the hope that it is secure. We then need to do something sensitive, like opening a document or transferring money between accounts, etc.

The question is… Is it safe to do so?

The honest answer is that it is a crapshoot. The odds of being hacked are not generally high across all public WiFi but if there is one thing we have learned about hackers… They strike where the money is. This could mean on or near Wall Street, in a Silicon Valley Starbucks or near the White House or Capitol Hill.

The answer then is a resounding – be careful out there. If you have to get on WiFi, don’t do anything important. But then again, if you are in email, you may not know what attachments or information are being sent and subsequently intercepted.

The internet has lots of tips on cybersecurity – 10 Tips to Make Your Computer More Secure, and Cybersecurity Essentials are a few good ones.

Lauren Cook writes a compelling article about subway WiFi. In it she interviews Omri Admon, corporate innovation specialist for SOSA, the firm tapped by the city Economic Development Corporation to launch its Global Cyber Center.

The two main concerns with public Wi-Fi, according to Admon, are “evil twin” and “man-in-the-middle” attacks.

A man-in-the-middle attack might involve a fake access page that looks similar or identical to the Transit Wireless Wi-Fi landing page. Once the user clicks through, the hacker can access the phone’s data.

“So if I type something that is a password or card information, that can definitely cause a problem. And that’s something that any public network is in danger of, especially one that is used by so many people,” Admon said.

An evil twin attack, meanwhile, is when someone sets up a fake Wi-Fi network that has the exact same name as the authentic one to trick unsuspecting users into connecting to the wrong one. Additionally, if someone has previously logged into the authentic Wi-Fi and has automatic connect engaged on their phone, they could be instantly and unknowingly brought to the fraud network, where the hacker can then access the phone’s data.

Justin Dolly tells us if you have to use public WiFi, make sure you use a VPN or SSL which is HTTPS instead of HTTP in the web address bar. Often, your site determines if HTTPS is available but most important sites do have this option.

Norton by Symantec reminds us not to use banking or shopping sites while we are on public WiFi – for any reason.

The short answer here as you have likely guessed is try not to use public WiFi if you can help it. If you are doing work for your company and your organization falls under compliance organizations like PCI, FINRA, HIPAA, GDPR or The NY Shield Act, you should be extra careful not to do company work on a public network.

If you have questions, the experts at Apex are available to help. If you are a customer or not, just reach out and we’ll be happy to help.





Apex Technology Services
Choose from comprehensive, affordable solutions for IT consulting, network services and computer help desk support in Fairfield county including Norwalk, Darien, Stamford, Greenwich, Ridgefield and Bridgeport. Also Westchester county including Rye, New Rochelle, White Plains, Yonkers and New York including Manhattan and the five boroughs.
IT SERVICES

IT SERVICES

Apex Technology Services is a cutting edge MSP offering quality IT support to financial, medical, legal, Fortune 500 and government agencies while adhering to the highest of quality...

LEARN MORE
CYBERSECURITY Services

CYBERSECURITY

Apex Technology Services has the cybersecurity expertise to help your business in a world filled with attackers looking to shut down your business hold it ransom or steal your valuable...

LEARN MORE
CLOUD SERVICES

CLOUD SERVICES

Apex Technology Services delivers a combination of traditional IT functions such as infrastructure as a service (IaaS), applications, software, security, monitoring, storage...

LEARN MORE

Ranked Top 10 Network security Solution Provider

One Stop Shop For All Your Technology Needs


Contact us Now!