Is connecting to an unknown WiFi with VPN the perfect security solution?

Public WiFi networks are everywhere and millions of people use them every day. Studying in the library, teleworking from a café, passing the time on a long layover at the airport…

These are common hunting grounds for cybercriminals, who take advantage of the ease of access and lower security of open networks to steal your data and infect your devices with computer viruses.

One way to protect your privacy and the security of your online traffic is to always connect to an unknown WiFi with a VPN. But is a VPN the perfect solution for securely connecting to an unknown WiFi?

Why is it dangerous to connect to a public network?

In general, free public WiFi networks tend to have low security settings, precisely because their objective is to provide internet access to a large number of temporary users in a simple way.

Open networks, which do not require a password to access, are the most vulnerable, as anyone can see your data traffic. But even public WiFi networks that require a password tend to use very simple formulas because, taking a bar as an example, they end up sharing it with dozens of users every day.

There are many ways to offer free WiFi. The most common is to share a password with other users. It may also be an open network that, once connected, redirects us to a captive portal where we have to enter our details to access the WiFi, as happens in airport or hotel WiFi networks.

In the case of networks where the same password is used for everyone, which is more common in bars and restaurants, although the security of the network may be high (WPA2 onwards), the fact that everyone knows the password means that, if the traffic is captured, it can be deciphered and all your communications can be seen.

If we are dealing with a connection through a captive portal, the connection is open. Although there are mechanisms for the traffic, once authenticated on the portal, to be encrypted, this is not the norm, so we will be exposed to the possibility that anyone can see our traffic.

What are the risks of connecting to a public WiFi network?

These are some of the most significant security risks to which you are exposed when connecting to an unknown WiFi network:

• Man in the Middle (MITM) attacks: These are cyberattacks that, instead of directly attacking your device or web servers, focus on the data traffic between the two. Exploiting the increased vulnerability of public WiFi networks, cybercriminals can launch attacks aimed at intercepting your communications, or passive attacks such as WiFi sniffing. In this way, they can steal or alter any information you transmit or receive while connected.
• Rogue hotspots: Not all WiFi networks out there are legitimate. Rogue hotspots are access points that look like official networks, using the names of institutions or businesses, to make users believe they are connecting to a trusted WiFi. In reality, it is a network controlled by cybercriminals and configured to spy on you, collect your data and even take control of your device.
• Malware and spyware: On an unknown WiFi network, even if it is private, you do not know who else is connected, with what intentions, or what the security settings of the connection are. Routers with outdated firmware, out-of-date wireless security protocols, passwords that are years old, etc. All of this generates vulnerabilities that can be exploited to infect the network with viruses that remain on your devices and facilitate the theft of information in the long term.

One way to mitigate these risks is to not connect to any unknown WiFi, and if this is unavoidable, to understand that we are on an insecure connection and try to interact with as few applications or services as possible.

It is not a good idea to connect to your bank account or log in to your email. However, the use of VPN is highly recommended, a service that encrypts your connection from your computer to the internet, keeping your data encrypted even on an open WiFi.

What is a VPN and how does it protect you on public networks?

Ideally, you should avoid public networks, but when this is not possible, more and more users are deciding to connect to unknown WiFi with a VPN to browse more securely.

A VPN is a virtual private network, a service that simulates a local network, like the one you might have at home or in the office, but it is not linked to your physical space and your router, but is virtual, in the cloud.

Let’s say that your computer establishes an encrypted and secure connection with another computer on the internet, and everything you browse is done through that computer to which you are connected. It’s like making an extension of your computer or phone so that everything is sent securely to another site and from there it communicates with the internet.

In this way, the traffic that enters and leaves your device through the WiFi network is always encrypted and no one can see it, since this encryption is independent of the WiFi network and, in general, much more secure.

There are several benefits to accessing an unknown WiFi network with a VPN:

• Protection against data inspection: The VPN creates a data tunnel that connects your traffic directly to the VPN server with an encrypted connection. This prevents anyone, not even the network administrator or the internet provider, from seeing the content of your online communications or what services you are accessing.
• End-to-end encryption: VPN protocols use an end-to-end encryption system that adds a layer of protection when you browse the internet through an unknown WiFi network with VPN.
• Mitigation of interception attacks: In the event that an intermediary attack manages to intercept your data packets, it would be very difficult for them to access the information. The encryption protocol of the VPN connection makes the data unreadable without the authentication and decryption key. The system is designed so that the information can only be decoded at the specified destination.
• Hiding the IP address: The VPN is an intermediate point between your device and the internet that allows you to browse with a high degree of privacy, as it hides your IP address. Your connection’s IP address and your location are associated with the selected VPN server, which can be in any country.

These advantages add several layers of security when you connect your devices to an unknown WiFi network with VPN, especially when it comes to preventing the theft of sensitive data. However, is it completely safe to browse on a public network with just a VPN?

Limitations of using an unknown WiFi with VPN

Using an unknown WiFi with a VPN allows you to create your own high-security connection within the public network. However, it is not a foolproof solution that guarantees 100% protection of your data and your connected devices.

A quality VPN provides excellent armor for your data traffic. However, the VPN does not protect your devices against computer viruses.

If any of the users connected to the same public network as you access fraudulent websites or download an infected file by falling for a phishing attack, they can attack all the devices on the network and, for example, infect the entire network with malware or ransomware, including your devices connected to the network.

Also bear in mind that not all VPNs are the same. Paid services tend to be more reliable, but it is important to select a VPN you trust.

It would be ironic to use a VPN for protection only to end up seeing your data compromised on the VPN server; either because of flaws in its security protocols or because the provider company captures your data and records your online activity for business purposes.

Connecting to an unknown WiFi network with VPN can also slow down your connection speed, depending on the provider. The encryption protocol used and the distance from the server can affect the connection’s response time.

Good practices for securely connecting to an unknown WiFi

Connecting to an unknown WiFi network with VPN is definitely a good way to make it more difficult for third parties to see and steal your data. But it should be accompanied by other precautionary measures:

1. First of all, make sure you are connecting to a legitimate WiFi. If you are in a café, for example, confirm the network name and password with the staff to avoid falling into rogue hotspots.
2. If you are on a computer, activate the firewall and disable the option to share folders or files on public networks to protect your device against unauthorized access.
3. Also make sure you keep your operating system, browser and a good anti-virus program up to date. These systems are constantly updated with the latest threats and, if you have old versions, they may have unresolved vulnerabilities.
4. Even with all the protections active, it is best to avoid performing sensitive operations and sending confidential data on public networks, even with the extra protection of the VPN.
5. If you need to shop online, access your bank account or enter passwords for work or your healthcare services, it is preferable to access them with your mobile phone data connection, for example.
   
6. And don’t leave without disconnecting your devices from the WiFi. Delete the network from the list of connections and disable the option to connect automatically so that your device does not access it again when you are in the area without you realising it.

Remember that on a public network you have very limited control. Tools like Acrylic Wi-Fi Analyzer allow you to see how secure a network is, the number of clients and devices connected to the network, even if you are not the administrator. This allows you to identify dangerous networks, fake or rogue APs, thus avoiding falling into the trap. But you cannot change the network security settings or disconnect suspicious devices or users.