April 1, 2019 at 19:25 #2523
Today, public Wi-Fi is readily and widely available in airports, large cities, restaurants, and public transport. While accessing this connection offers you an ideal chance to access your online accounts, check emails and catch up with your friends, you expose yourself to a lot of security risks. The average public Wi-Fi is not secure, and though you may require a password to login into your online accounts, it doesn’t mean your information is encrypted. Many public Wi-Fi networks use weak encryptions that pose a lot of security problems. An open Wi-Fi has various vulnerabilities like man-in-the-middle (MITM) attacks and the risk of joining a rogue Wi-Fi.
What makes public Wi-Fi vulnerable to attacks?
A public hotspot is vulnerable to cyber attack due to the low-security mechanisms implemented to protect data transfer in the network. One of the dangers of this network is unencrypted and unsecured connection leaving the user vulnerable to MITM attacks. A MITM is when an attacker exploits a vulnerability in the network to intercept data.
When a cybercriminal succeeds to infiltrate your communication, they can sniff information that you pass over the public connection. These criminals look for sensitive information like purchase transactions and account login details. When the attacker gets such crucial information, he can access your data as if they were you.
The same features that entice users to join a public connection are the same features that make the connection suitable for hackers. It does not require authentication to join public Wi-Fi. Another reason why public Wi-Fi is susceptible to cyber attack is hackers find it convenient for spreading malware. If you allow file sharing in your device, an attacker can plant malicious software in your computer. When such malware is in your system, there is a wide array of information the hacker can get from your system.
Rogue WI-Fi is also another reason why public internet connections are vulnerable to cyber tacks. They are open hotspots with a similar name as the legitimate hotspot which attackers set to trick people into connecting to their networks. Once a victim connects, the hacker can intercept information or inject malware into the connected devices.
Signs you are signed to a rogue Wi-Fi
The easiest rogue hotspots to detect are the ones which require a password for the connection. If you deliberately enter the wrong password, and you are granted permission to connect, there is a great chance that the hotspot is not legitimate. Rogue access points will allow anyone to connect since they need to siphon information from their victims.
Also, slow internet connections should be an indication of a possible rogue Wi-Fi. If the hacker is using a mobile phone to facilitate the connection, the speed should be slower than the authentic source.
The address of the sites you visit can tell you if you are on the wrong connection or not. If you are browsing a banking website and it shows an unencrypted HTTP connection, instead of the safe HTTPS, you are on a rogue connection. This is a hacking technique called SSL stripping used by malicious people to get your password and other vital information as you enter them.
Many legitimate public Wi-Fi connections require a user to agree to their terms and conditions before they use it. If you gain access to a public Wi-Fi connection without such a requirement, it should be a red flag that you are connecting to a rogue Wi-Fi.
Measures to take to protect yourself on public Wi-Fi
As a protective measure, you should not browse to sites that require sensitive information like email passwords, banking details while on a public Wi-Fi.
If you must use public Wi-Fi to do company work and your organization provides VPN, use it for connection. A VPN establishes a private network for you to relay information back and forth, providing an additional layer of security to the connection.
When browsing in a public connection, surf websites that start with HTTPS, these websites are encrypted to add an extra layer of security to your information. Sites that begin with HTTP are vulnerable to MITM attacks. You can also install extensions like HTTPS-everywhere to compel all the visited websites to connect via HTTPS. This will ensure you can never fall in the trap of hackers snooping on public connections.
You should configure your device’s wireless connection settings not to connect to available hotspots automatically. This ensures you cannot connect to rogue and unsecured Wi-Fi without your consent.
Your devices especially laptops should have robust anti-malware applications when accessing public Wi-Fi. Many attackers leverage any possible opportunity to infect devices connected to a public hotspot with spyware to monitor their victim’s behavior and steal critical information. The best way to cushion your device from such attacks is to have an updated strong anti-malware in your device.August 31, 2019 at 18:49 #5391
It’s been featured on our medium: https://medium.com/@cybersecurecentral/public-wi-fi-security-from-our-forums-317fd29993b5