Technology has liberated us from our desks and homes. We can connect to applications and access information from virtually anywhere thanks to mobile devices and laptops. We can finish a presentation from a hotel lobby, write a report while enjoying a latte at a coffee shop, or search the web to compare prices while shopping in a store thanks to cellular and Wi-Fi connectivity. One of the persistent myths when it comes to connecting on the go, though, is that cellular networks are more secure than Wi-Fi networks. The reality is that current generations of both cellular and Wi-Fi networks provide sufficient security.
5G and 4G/LTE Cellular Networks are Safer
There is a general sense for many people that cellular connections—whether 5G, 4G / LTE, or 3G—are somehow inherently more secure than a Wi-Fi network, especially an open network like a public hotspot.
Cellular Network Security Concerns
When you use a smartphone or other mobile device to connect over a cellular network, there is a direct 1:1 connection between the device and the cellular provider. Identity is authenticated via the device’s SIM chip, among other things, and the connection between the mobile device and the provider is encrypted by default.
The features mentioned above for cellular networks are good, and they contribute to the relative security of connecting or transferring data across a cellular network—but they are not invulnerable.
Depending on the device and network, cellular security can be relatively easy to hack. At the 2021 Pwn2Own competition, a security researcher was awarded $50,000 for breaking into a Samsung Galaxy S21 smartphone using a unique three-bug chain.
A SIM card does provide a degree of physical authentication to verify the device, however it is trivial for cybercriminals to clone a SIM chip. With a duplicate copy of your SIM chip in hand, any mobile device can be authenticated to the cellular network “as you”.
I am not suggesting that cellular security is poor—just debunking the myth that it is inherently better than Wi-Fi security. Today, cellular and Wi-Fi networks each have unique strengths and benefits, but overall neither has a clear advantage over the other when it comes to security.
Wi-Fi Security has Evolved
Much of the reputation for Wi-Fi security being inadequate is based on technology and anecdotal stories from 20 years ago. The original WEP encryption was relatively simple to crack. Joining a shared open network could potentially expose traffic from your device to other devices on the network.
That is not the case today, though. Wi-Fi technology and Wi-Fi security have evolved significantly over the past two decades. WEP encryption was replaced by the original version of WPA. Both of those protocols had weaknesses that allowed them to be cracked with relative ease. WPA2 became the default encryption protocol for Wi-Fi in 2006.
Today’s Wi-Fi security standard is WPA3—which dramatically improves Wi-Fi security. WPA3 improves on WPA2 in a variety of ways. It adds a 192-bit security level, includes Beacon Protection, replaces the pre-shared key (PSK) exchange with Simultaneous Authentication of Equals (SAE) exchange, and allows you to disable transitions to networks that do not support the strongest security mode. Additional Wi-Fi capabilities including Wi-Fi CERTIFIED Passpoint™ and Wi-Fi Enhanced Open in particular raise the bar for security when using public hotspots and open networks. Wi-Fi security has evolved, and Wi-Fi is well suited to protect mission critical networks.
Passpoint® provides a secure network connection and avoids the potential for accidentally connecting to a rogue access point when connecting to a public or guest network. Passpoint enables users to seamlessly authenticate their device on the network or connect through credentials provisioned by a service provider, including certificates and SIM-based credentials. It will automatically connect on future visits and provide a secure connection to the Wi-Fi network.
For simplicity and convenience, many public hotspots choose to leave the Wi-Fi network open—allowing any device to connect without authenticating and in some cases, without encrypting the data between the device and the network. Wi-Fi Enhanced Open leverages Opportunistic Wireless Encryption (OWE) to provide unauthenticated data encryption while still allowing the network to be open. It reduces the risk of data exposure or theft when using an open Wi-Fi network.
You Can Trust Wi-Fi Security
For connecting on the go, both cellular and Wi-Fi networks deliver the convenience and performance people need. It’s good to have both options available. You may find yourself somewhere with no public Wi-Fi access available, or you could be somewhere where there is a weak or no signal for your cellular provider.
Wi-Fi networks today are every bit as secure as cellular networks, and there is no reason not to connect to a Wi-Fi CERTIFIED network with confidence when one is available.
- Tackling Swivel Chair Syndrome - November 14, 2024
- Unlocking Proactive Compliance with Adobe’s Common Controls Framework - October 14, 2024
- Unlocking the Power of Continuous Threat Exposure Management - October 8, 2024
View Comments (0)