Smartphones and tablets have become an integral part of our everyday lives; Practical for on the go, the ideal companion for business trips. But what if you don’t have mobile data for a while, for example in a country where roaming can cost a lot of money? Then mobile or public hotspots could be an option. But is it always so safe?

Maybe it’s happened to you before, an email needs to be answered urgently, an appointment has suddenly been brought forward or you need to be in an online meeting but don’t have mobile data at the moment. In some conferences, the WLAN is not always sufficient to serve all participants smoothly at the same time. Who knows, you might find another open network or someone who wants to share a mobile hotspot with you. Friendly, of course. Practical, absolutely. But sure, that could be another pair of digital cases.

Risks for the provider

When you share a mobile hotspot with someone, you are primarily sharing your own mobile network and not your data. Therefore, the biggest and most real risk is that this person abuses your kindness and drives your data usage to unprecedented heights. This can prove to be a difficult and costly form of grace, especially for those who don’t have an unlimited package.

Another possibility, if your digital guest decides to download ten movies at once, is that your traffic will slow down tremendously. Even if you stop sharing and refresh your network, it may take some time to get your traffic back up to speed, depending on the other person’s activity or what you’re doing (trying) on ​​the same network at the same time.

No LAN party

Isn’t your data a risk factor anyway? Yes, but then you must already be sharing that mobile hotspot with someone who has the skills to do damage in this way. The chances of you encountering a hacker who just picked you aren’t great, but there’s no harm in knowing. Once you share your cellular network, you are essentially creating a LAN, or local network.

Someone with some skills can perform (attempt) an attack over the LAN connection when he or she is connected to your mobile hotspot. There is a chance that there is a security hole somewhere on your phone, for example in your operating system, for which you have delayed the latest update for three weeks. A hacker can detect it and install malware or break into your data. But then that would have to happen right in front of you, so the chance remains minimal.

Illegal Activities

One thing is so obvious that it’s easy to forget that your fellow surfer is doing something illegal on your network. This can happen pretty quickly, for example a harmful post on social media is structured like this: negationism, a threat, something racist, … Your guest can also download or upload something illegal, do shady deals; The possibilities are endless. And whose network then turns up in the investigation when something like this happens? Correct.

As a guest, can you see what’s happening on the device you’re connected to? No, as a provider of time you don’t normally have to worry about this. On the contrary, the chance is more real the other way around.

Risks for the user

Not only the host or hostess is at risk, you also have to be careful when using a mobile hotspot.

There is software that allows the administrator of a hotspot to monitor what a temporary user is doing on their phone. Your best friend won’t, but you can never be sure with an unknown source.

The biggest risk you’re running is a MITM attack, which stands for “Man In The Middle” (hacking terms aren’t quite comprehensive yet). A hacker positions themselves between you and the source of the network without either party noticing. If it’s a quasi-unsecured system, it’s child’s play for a little cyber pirate. He or she can then track what you are doing with an unsecured connection and view and steal all your data. The man in the middle can also redirect traffic from a real bank website to an identical-looking one for phishing purposes.

The man in the middle can redirect traffic from a real bank website to an identical looking one.

Before you know it, you are making a series of involuntary purchases or are unknowingly a donor to an anonymous account in the Cayman Islands. This important contract, which the outside world must not yet know about, seems to have suddenly leaked. Images of a prototype are sold to the competition. Your own not entirely legal moves fall into the hands of someone not averse to blackmail. Sounds like waking up in a nightmare? These are all examples that could result from a MITM attack.

A MITM attack is also the biggest risk you face when connecting to an unreliable or overly open public network.

Public wifi

As expected, the above risks also apply when you log on to a public WiFi network. Especially if it is done without a password or registration. There are two possible sources to consider in such networks.

First of all, there is the provider itself. Free WiFi, accessible to all: Sometimes it’s too good to be true. Always remember that there are no free offers. Or you surf for free because a company wants to convince you to buy something or use their services. Then it’s almost a form of marketing. But a free network can also be shared by someone who wants to access your data or device.

A public network means it’s accessible to everyone, including those with bad intentions. The second risk factor that you need to consider is that there might be hackers on the network of this personable shop as well. It is not that difficult for them to launch an attack on a connected device over this network.

Precautions

The first important rule also applies offline (and actually everywhere): if it seems too good to be true, then it is. A friendly stranger who spontaneously offers you his mobile hotspot, a private network that just so happens to have no password? There is a real chance that it is not a snag but a Trojan horse among the digital grass.

In fact, the key word is often “trust”. Only use the mobile hotspot of someone you know and only connect to a network you trust. Conversely, don’t just give your traffic to anyone who asks. Of course, it is often still a matter of your own judgement.

separation

A little offline preparation can also help you on your way. Make sure to save text and email drafts and create an offline backup if possible. If possible, keep important documents such as contracts, blueprints or sensitive material on an external device and do not connect it to your phone, laptop, etc. unless necessary. Certainly not when you’re connected to an open network that you’re not familiar with. Or go “old-fashioned” and write things like contact details or your taxi reservation in a paper notebook. There are beautiful specimens.

If you really can’t do without mobile data, there is always the option of creating a temporary, local account with a provider so that you can use your own mobile network as you are used to from home. In this case, always check the conditions and possible costs. If you don’t fully understand it, stay away from it. Something like this, like the various hotspots, always happens at your own risk.

Technical Aids

Of course, there are also technical ways to make the use of hotspots a little more secure. For example, you can disable the option for other people to participate in your settings. Good advice is always a secure password. It’s best to change that after you’ve shared a mobile hotspot. Also, use the strongest encryption available on your device.

You can also always redirect your traffic via a VPN through an external server. In addition, your IP address becomes much more anonymous and therefore more difficult to trace. A virtual private network also encrypts your data and makes it difficult to access. Keep in mind that a VPN is not foolproof; It reduces the risks but doesn’t eliminate them completely.

internal policy

Many companies are aware of the real dangers that a public network can pose. For this reason, more and more companies are setting up a two-step verification query when an employee logs into a company website via a public hotspot. It takes a few seconds longer but is much safer.

Some companies simply restrict access to their systems over a public network. This sounds strict, but it can help reduce risk.

Of course, you are always free to make your own choices, but always think twice about trusting anything or anyone. Maybe someday you’ll be able to thank us for this golden advice without ever realizing it.