Wednesday, 10 May 2017 09:57

It is so easy to hack public Wi-Fi

By

Over the past two weeks, I have encountered three fake public Wi-Fi SSIDs.

If I was not vigilant, and by coincidence was testing a new phone so the Wi-Fi list was empty, I may not have noticed and my use would be exposed to hackers.

First, was in a Westfield Shopping Centre where “Westfield Level 5 Guest” popped up. Suffice to say that is not the correct SSID (Service Set Identifier) for Westfield and judging by the signal strength was probably a nearby smartphone being used as a hotspot.

Next was at a hotel on the central coast I was staying at. Again, the hotel name and the word guest were well up the list but I knew that this was wrong as it was unsecured — no lock symbol — and I had been given a password.

Finally, a Sydney CBD coffee shop where I usually retreat to between interviews advertises free Wi-Fi and there it was – free and unsecured but just below the proper spelling of the café name with a secured connection.

These are not isolated incidents – in my recent travels in the US, New Zealand and inter/intrastate, I have found numerous instances of free, unsecured Wi-Fi that was potentially risky.

I mentioned that I was using a review phone and it alerted me to new SSIDs it encountered instead of blindly logging on – a convenient feature of most smartphones if they have encountered the SSID before. My day use phone is protected by Norton for Android that constantly reminds me of the dangers of free Wi-Fi and I use a VPN for added protection.

As this is a growing threat I asked NordVPN to provide some generic background on the issue. To be fair there are several reputable VPN companies as well as Norton (that provided the graphic at the end) and other security companies all of which will give similar advice – make sure you know the SSID, don’t use unsecured SSID, and all categorically state use a VPN.

NordVPN pointed to a study by Private Wi-Fi that although dated, stated that 79% of users don’t use a VPN with free Wi-Fi and indulge in risky business. And over 50% connect to free Wi-Fi at least weekly and 46% were blissfully ignorant of the risks of free Wi-Fi.

Kent Lawson, founder, and chief executive of Private Wi-Fi, said it all, “Every day we read about public areas like parks, train stations, and schools adding free public Wi-Fi, but we are not hearing about what this means for individuals using these services, the hazards that prowl, or how to protect ourselves. The public needs to know just how easy it is for hackers to hack into these public airwaves and steal your private information right out of thin air.”

NordVPN has identified three common ways that a hacker can take advantage of an unsecured or spoofed Wi-Fi hotspot.

Honeypot Wi-Fi. The most common threat is still a hacker positioning himself as a Wi-Fi hotspot - the so-called honeypot Wi-Fi. When that happens, a Wi-Fi user will be sending their information to a hacker instead to a legitimate Wi-Fi spot - and that could include credit card information, private emails, and any other sensitive information. This technique is very easy for hackers, as Wi-Fi spots rarely require authentication to establish a connection.

Wireless sniffers. Hackers can use sniffers, software, and hardware designed to intercept and decode data when transmitted over a wireless network. It is very easy to monitor and decode another person’s private data.

Shoulder surfing. Although not a tech-based threat there can be data thieves lurking around, who will watch over a shoulder to memorize passwords or credit card information that one enters into their device. Just as it’s important to be careful when entering a PIN number into an ATM machine, it’s important to make sure no one is looking over a shoulder when going online at a public Wi-Fi spot.

Simple rules to help make free Wi-Fi safe

Use a VPN. The best and most effective way for any traveller to protect their data is to use a VPN (Virtual Private Network). A VPN service encrypts all the traffic flow between the Internet and a device hiding user’s IP address and making it impossible for a hacker to see the plain text.

Disallow automatic wireless network connection. Make sure automatic wireless connection are not turned on, and Wi-Fi is turned off when it’s not being used – this will prevent hackers from automatically connecting to your device.

Sharing settings should NOT be set to Public. To prevent anyone from finding and accessing one’s device, it’s important to make sure System’s Settings are not set to Public sharing.

Be vigilant. It’s always important to know who’s around to avoid shoulder surfing or any other suspicious activities.

Don’t practice risky behaviour.

VPN risk

NordVPN also suggested using a firewall. Take care; there are more than 250 “firewalls” on Google Play and most require Android rooting – avoid these.

 wifi hidden dangers 663x237 

Read 14049 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here

SONICWALL 2022 CYBER THREAT REPORT

The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Ransomware
Cryptojacking
Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.

GET REPORT!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Share News tips for the iTWire Journalists? Your tip will be anonymous

VENDOR NEWS