Public Wi-Fi threats

Public Wi-Fi: muddy water you did not expect

Helga Smith

We are used to the situation that you can get Internet access wherever you want. You will likely be surprised when the hotel where you have booked a room has no Wi-Fi network than if it has. Free Wi-Fi can be met even in a little café at the corner of the building you pass every day, or in the public park where you are walking on your weekend. But there is an unseen and often unspoken danger, that is actual for every public Wi-Fi network. Let me explain to you, which hazards are meant and how to decrease the related risks.

How can Wi-Fi be dangerous?

Your own home wireless network access point has a lot of differences with public Wi-Fi networks. And I meant not only technical details, but also the external factors that surround hotspots in the process of usage. Saying short, technical details influence is minimal – you can easily meet the network in a restaurant that has the same technical aspects as your home Wi-Fi does. So, let’s check out which factors can lead to unpleasant consequences for your data and your PC.

Encrypting mechanism

Every Wi-Fi router provides the ability to choose the security mechanism for the new-created network. However, because there is no display on the router, and it is equaled with the periphery devices, you need to connect to the just-created network with your computer or laptop. The interface of a web setup application is not very user-friendly, so the majority of users just plug the router cable into the power outlet, insert the Internet cable in it, and then start the Wi-Fi usage. Even if an inexperienced user sets up the network, he will likely choose the WEP encryption, because it is much easier to set up that WPA. But what is the problem with WEP?

WEP and WPA specifications
WEP and WPA specifications

First, let’s figure out why traffic encryption is needed. Every time when you get a message, or watch the video on YouTube, your device swaps the data packets with the server. But these packets can be intercepted and read by anyone who has the special software. Such an attack is called Man in the Middle (MitM), and used to steal the credentials for your social networks, banking apps, as well as other information that may be useful for blackmailing or demanding the ransom, for example. Encryption is used to make the traffic impossible to read by the third party, so all mentioned horrors will be much harder (or even impossible) to perform. 

Data stealing scheme
Wired Equivalent Privacy (WEP) uses the 40-bit encryption key, and because of some features of the encryption mechanism that is used in Wi-Fi routers, it is very easy to crack. WPA, which was presented as a successor1 of the WEP, uses 128-bit (or even 256-bit, if we are talking about WPA-3) keys, which are likely impossible to hack.  So, after these spatial reasonings, we can make a conclusion, that 1 man with the proper software on his laptop is enough to make your private conversations not so private.

Creating a fake Wi-Fi network

There is also a more developed variant of the classic MitM attack. Cybercriminals create an access point that is placed very close to the local restaurant, and name it as close to the name of the Wi-Fi network of this restaurant as possible. Such hotspot may be named as “Starbucks_”, while the original one has no underscore in its name (simply “Starbucks”). After the network is established, the hunt begins. People connect to this network without any suspicion, and then start browsing the network in their usual way. Because this network is controlled by maleficents, they can check all data packets without any trouble. Besides traffic control, they can force the victims’ browsers to open the phishing websites in spite of the pages they are opening2.

Rules of secure usage of public Wi-Fi

Prefer to use the secured networks. This solution is obvious, but even WEP encryption is better than no encryption at all. Of course, you can get into the situation when there are no networks with the encryption in the range, but the risk may be too big to make such a reckless action. 

Do not share the important information through the public hotspots. When the circumstances force you to use unprotected Wi-Fi, try to minimize the risks. Do not log in your accounts, avoid using the banking app, and do not send any files that must not be in public access. 

Always check the proper SSID of the Wi-Fi network you are going to use. Usually, all cafes, restaurants or hotels which offer the wireless internet access point, also provide the network name (SSID) somewhere at the reception, or in the room. Check these places or ask the stuff for the correct information. 

Use virtual private networks (VPN). This trick allows you to forget about the first type of MitM attack (when the network is not controlled by the cybercriminals). Nowadays, VPN may be embedded in your anti-malware program, so you can set it up without any additional downloads. However, if you will connect to the counterfeited hotspot, VPN will not be able to protect your data.

  1. WPA security mechanism description
  2. Detailed article about the internet security

0 Comments

Leave a Reply

More great articles

Windows hints to make your system faster

Windows Hints, or how to speed your system up

Windows is an epoch-making operating system. It has a monopolistic position on a personal computer systems market. To make the…

Read Story
Trojan-miner: reasons and methods

Trojan-miner: reasons, distribution, effects

Coin mining trojans appeared not so long ago, getting the fame of “not so dangerous virus”. In one of the…

Read Story
Dangerous browser extensions

Browser extensions: non-obvious danger right under the nose

Browser extensions are a rather useful thing. They make our browsing more comfortable, disabling the ads that can sometimes flood…

Read Story
Arrow-up