It didn't take long for Wi-Fi to be widely adopted after the late Apple co-founder Steve Jobs surprised crowds at the 1999 MacWorld Expo by walking around with a laptop wirelessly connected to the internet.
Younger generations now take it for granted. That prevalence, however, has made it vulnerable to cyber criminals, hackers and other bad actors.
The UAE’s Cyber Security Council recently gave a reminder of that fact by announcing that there had been at least 12,000 recorded breaches of Wi-Fi networks in the country since the beginning of 2025.
Ivan Milenkovic, a vice president at the California-based IT security firm Qualys, wasn't shocked by the statistics, and said Wi-Fi networks remain vulnerable for several reasons. The very qualities that make Wi-Fi so popular, he explained, are also what make it so vulnerable, creating a situation where the technology becomes a double-edged sword. "By their nature, they are open to anyone within range," he said, referring to Wi-Fi routers.
"This openness is what makes them so convenient, but it's also what makes them so insecure." Mr Milenkovic added that many public Wi-Fi routers, such as those in airports, malls and other heavily populated areas, do not encrypt the data that is transmitted. "This means that anyone else on the same network can potentially intercept and read the data, a practice known as snooping or eavesdropping,” he said.
In a worst-case but all too common scenario, Mr Milenkovic added, criminals take advantage of the openness of Wi-Fi and "position themselves between a user's device and the router", making it possible to steal passwords, financial information and other data. Sometimes, those seeking to steal information manage to do so even with limited knowledge, with a simple game of deception.
Mr Milenkovic said hackers will occasionally set up their own wireless networks, known as "evil twin networks", in highly-traffic areas and name their Wi-Fi network so it appears to be legitimate. "'Free_Airport_WiFi,' is often used to trick users into connecting," he said. "Once connected, they can monitor all online activity."
Morey Haber, chief security adviser at cyber security company BeyondTrust, said that although some aspects of Wi-Fi security will improve, based on historical precedent, he expects weaknesses will continue to be exploited.
"Old vulnerabilities may evolve into new attack vectors that might be harder to mitigate," he said, pointing out that Wi-Fi technology frequently changes, but installed routers sometimes sit for years before being replaced. "Especially as they [routers] age they may have their own unmitigated vulnerabilities," Mr Haber pointed out.
Though tempting and more readily available than ever, Mr Haber said it's probably best not to connect to public Wi-Fi accounts if you want to reduce the likelihood of having data and passwords stolen.
"The best recommendation is to always stay on your mobile network or use your own hotspot when working with any sensitive applications or personal data," he said, adding that if it's absolutely necessary to sign up for a free public Wi-Fi network, users should try to avoid disclosing their name and personal email address.
"That is all personally identifiable information that can be harvested and potentially used later in phishing attacks." Once that information is submitted, users no longer have control over what it might be used for going forward.
Mr Milenkovic offered similar advice, and said other simple steps can be taken to keep your data secure if you must use a public Wi-Fi hotspot. "Ensure that file sharing is turned off on your device before you connect to a public Wi-Fi network," he said, noting that while it's sometimes inconvenient, keeping your operating system and other software updated is also important in making attacks less likely.
Irina Artioli, a cyber protection evangelist at Acronis Threat Research Unit, said that the onus of cyber protection with Wi-Fi threats, should not just be on the average consumer.
“Treating Wi-Fi security as part of the overall cyber hygiene, not just a personal issue, is essential,” she said. “Businesses should educate employees that connecting a corporate laptop to an untrusted network carries the same risk as clicking a malicious link.”
