NSA Warning - Avoid Public Wi-Fi

The US National Security Agency (NSA) has warned of the risks of using public Wi-Fi and is offering advice to security teams looking for best practices to protect corporate networks and personal devices. These recommendations offer system administrators fundamental advice to protect home workers, along with remote and mobile workforces.

The guidance, which is intended for National Security System, Defense Department, and defense industrial base users, explains how to identify vulnerable connections and protect common wireless technologies when working on public networks. The first best practice, according to NSA, is to simply avoid connecting to public Wi-Fi at all.

Instead, it’s best to connect using personal or corporately-owned hotspots, just not open Wi-Fi hotspots. Hotspots should feature strong authentication and encryption, too, according to the guidance. “Telework has become an essential component of business, and many people are teleworking from home or during travel. While the owners of home networks can take steps to secure those networks, it can be difficult to ensure public networks are secure.

“Protecting personal and corporate data is essential at all times, but especially when teleworking in public settings.... to ensure data, devices, and login credentials remain secure and uncompromised, cyber security is a crucial priority for users and businesses.... This includes identifying higher-risk public networks and implementing security best practices while in public settings, whether connecting laptops, tablets, mobile phones, wearable accessories, or other devices with the ability to connect to the Internet,” says the NSA.

Accessing public Wi-Fi hotspots may be convenient, but according to the NSA advice public Wi-Fi is often not configured securely. But when it can’t be avoided, work on a public Wi-Fi network should be conducted over a corporate-provided virtual private network, or VPN.

Using a VPN allows communications to be encrypted, meaning that data going across public Wi-Fi will be less vulnerable. Remote users are also advised to use Hypertext Transfer Protocol Secure - https:// - websites whenever possible.

According to the NSA guidance:

  • Laptop users should turn off the device file and printer sharing features on public networks.
  • Users should avoid entering confidential passwords or conducting sensitive conversations.
  • Users should never access personal data like bank and medical information.
  • Online shopping and other financial transactions should be avoided.
  • Leaving devices unattended in public settings is also a bad idea. 
  • Devices should be updated with the latest patches and secured through multi-factor authentication whenever possible. 

NSA Also Points Out The Risks Of Using Bluetooth

  • Malicious actors can find active Bluetooth signals and potentially gain access to information about the devices they find in their scans. That information can then be used to compromise a device.
  • The agency advises users to disable Bluetooth and make sure it’s not discoverable in public settings due to this and other cyber risks.
  • Users should never accept Bluetooth pairing attempts they didn’t initiate. 
  • Turn off any device-to-device data transfers, like the kind that allow for contactless payment. 

The NSA says it’s best to disable Bluetooth when it is not in use, just in case. Users should also make sure not to bring a device near other unknown electronic devices, because it might trigger automatic communication, and should never use it to communicate passwords or sensitive data.

Defense.gov, DefenseOne, NextGov, Threatpost, Enterprise Times
