Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Wednesday, 10 May 2017 09:57

It is so easy to hack public Wi-Fi

By

Over the past two weeks, I have encountered three fake public Wi-Fi SSIDs.

If I was not vigilant, and by coincidence was testing a new phone so the Wi-Fi list was empty, I may not have noticed and my use would be exposed to hackers.

First, was in a Westfield Shopping Centre where “Westfield Level 5 Guest” popped up. Suffice to say that is not the correct SSID (Service Set Identifier) for Westfield and judging by the signal strength was probably a nearby smartphone being used as a hotspot.

Next was at a hotel on the central coast I was staying at. Again, the hotel name and the word guest were well up the list but I knew that this was wrong as it was unsecured — no lock symbol — and I had been given a password.

Finally, a Sydney CBD coffee shop where I usually retreat to between interviews advertises free Wi-Fi and there it was – free and unsecured but just below the proper spelling of the café name with a secured connection.

These are not isolated incidents – in my recent travels in the US, New Zealand and inter/intrastate, I have found numerous instances of free, unsecured Wi-Fi that was potentially risky.

I mentioned that I was using a review phone and it alerted me to new SSIDs it encountered instead of blindly logging on – a convenient feature of most smartphones if they have encountered the SSID before. My day use phone is protected by Norton for Android that constantly reminds me of the dangers of free Wi-Fi and I use a VPN for added protection.

As this is a growing threat I asked NordVPN to provide some generic background on the issue. To be fair there are several reputable VPN companies as well as Norton (that provided the graphic at the end) and other security companies all of which will give similar advice – make sure you know the SSID, don’t use unsecured SSID, and all categorically state use a VPN.

NordVPN pointed to a study by Private Wi-Fi that although dated, stated that 79% of users don’t use a VPN with free Wi-Fi and indulge in risky business. And over 50% connect to free Wi-Fi at least weekly and 46% were blissfully ignorant of the risks of free Wi-Fi.

Kent Lawson, founder, and chief executive of Private Wi-Fi, said it all, “Every day we read about public areas like parks, train stations, and schools adding free public Wi-Fi, but we are not hearing about what this means for individuals using these services, the hazards that prowl, or how to protect ourselves. The public needs to know just how easy it is for hackers to hack into these public airwaves and steal your private information right out of thin air.”

NordVPN has identified three common ways that a hacker can take advantage of an unsecured or spoofed Wi-Fi hotspot.

Honeypot Wi-Fi. The most common threat is still a hacker positioning himself as a Wi-Fi hotspot - the so-called honeypot Wi-Fi. When that happens, a Wi-Fi user will be sending their information to a hacker instead to a legitimate Wi-Fi spot - and that could include credit card information, private emails, and any other sensitive information. This technique is very easy for hackers, as Wi-Fi spots rarely require authentication to establish a connection.

Wireless sniffers. Hackers can use sniffers, software, and hardware designed to intercept and decode data when transmitted over a wireless network. It is very easy to monitor and decode another person’s private data.

Shoulder surfing. Although not a tech-based threat there can be data thieves lurking around, who will watch over a shoulder to memorize passwords or credit card information that one enters into their device. Just as it’s important to be careful when entering a PIN number into an ATM machine, it’s important to make sure no one is looking over a shoulder when going online at a public Wi-Fi spot.

Simple rules to help make free Wi-Fi safe

Use a VPN. The best and most effective way for any traveller to protect their data is to use a VPN (Virtual Private Network). A VPN service encrypts all the traffic flow between the Internet and a device hiding user’s IP address and making it impossible for a hacker to see the plain text.

Disallow automatic wireless network connection. Make sure automatic wireless connection are not turned on, and Wi-Fi is turned off when it’s not being used – this will prevent hackers from automatically connecting to your device.

Sharing settings should NOT be set to Public. To prevent anyone from finding and accessing one’s device, it’s important to make sure System’s Settings are not set to Public sharing.

Be vigilant. It’s always important to know who’s around to avoid shoulder surfing or any other suspicious activities.

Don’t practice risky behaviour.

VPN risk

NordVPN also suggested using a firewall. Take care; there are more than 250 “firewalls” on Google Play and most require Android rooting – avoid these.

 wifi hidden dangers 663x237 

DIGITAL MARKETING HAS NO SOCIAL DISTANCING OR TRAVEL RESTRICTIONS

As part of our Lead Machine Methodology we will help you get more leads, more customers and more business. Let us help you develop your digital marketing campaign

Digital Marketing is ideal in these tough times and it can replace face to face marketing with person to person marketing via the phone conference calls and webinars

Significant opportunity pipelines can be developed and continually topped up with the help of Digital Marketing so that deals can be made and deals can be closed

- Newsletter adverts in dynamic GIF slideshow formats

- News site adverts from small to large sizes also as dynamic GIF slideshow formats

- Guest Editorial - get your message out there and put your CEO in the spotlight

- Promotional News and Content - displayed on the homepage and all pages

- Leverage our proven event promotion methodology - The Lead Machine gets you leads

Contact Andrew our digital campaign designer on 0412 390 000 or via email andrew.matler@itwire.com

CONTACT US!

LAYER 1 ENCRIPTION A KEY TO CYBER-SECURITY SOLUTION

Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.

DOWNLOAD!

Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments