Many people are not aware of this, but Wi-Fi hotspots at Starbucks, Barnes & Noble or your local hotel that offers it as a complimentary service are not safe for confidential browsing, performing financial transactions or for viewing your emails.
Public Wi-Fi does not offer encryption for individuals using the same password and hotspot. Also, your signals are broadcast across the immediate area. It is easy for someone else within your vicinity to eavesdrop on your communication. An unskilled hacker can intercept your signal using a phony hotspot or a tampering software that can be found on a search engine.
+ Also on Network World:
4 lesser-known Wi-Fi security threats and how to defend against them
+
The first task of a hacker is to get on the same network as the potential victim, then they can carry out that task with a public Wi-Fi network because they have the password. It does not matter if a network password is given out by the cashier or printed in your hotel room's welcome packet, once public, your security is compromised.
Many public Wi-Fi connections use
Wi-Fi Protected Access 2 (WPA2)
, a secure protocol for encrypting traffic between the wireless AP and the client. Many people think having this encryption secures their traffic, but they do not realize anyone who has the password can still snoop on the packets that traverse over the network.
Attackers can obtain a lot of information when eavesdropping on your Wi-Fi network connection. They can capture your passwords and content for sites that you sign into that do not require Secure Sockets Layer (SSL) encryption. Also, they can easily capture your email and file transfers that do not have any encryption applied. An attacker can also capture voice communication across Wi-Fi and replay it.
Software used to eavesdrop can be easily obtained on the internet and does not require a lot of technical skills to operate. This helps contribute to public Wi-Fi hotspots being more popular attack targets than some personal or private networks.
4 actions to secure your data on a public Wi-Fi
The best way to secure your traffic while using public Wi-Fi is to use a virtual private network (VPN). When connected, all your internet traffic is sent from your computer through an encrypted tunnel to the provider’s endpoint. The traffic is secure from any local eavesdroppers on the public Wi-Fi network. These public VPN services typically cost only $5-$20 per month. There is even software available on mobile phones that will enable a VPN to start automatically when connecting to a public Wi-Fi hotspot. The primary complaint when using a VPN is it can slow down your connection speed by 25 to 50 percent.
If you do not have a VPN configured, make sure that each time you connect to a website over a public Wi-Fi your session is encrypted. In your URL field, you should see HTTPS and not HTTP. You also want to make sure the entire session remains encrypted while you are browsing. There are some sites that will encrypt your login and then later during the session will send you to an HTTP connection, which will make you vulnerable to a hijacking attack. There are some sites that will give you an option to encrypt your entire session. It is best to encrypt the entire session.
Never perform a file transfer protocol (FTP) transaction over a public Wi-Fi. Also avoid using any other protocols that transfer data in an unsecured manner unless you have a VPN established. You can consider using secure FTP, which would encrypt your session. Also, for email client programs, you need to verify that SSL is being used for IMAP, POP3 and SMTP server connections.
A very common attack involves a hacker setting up a public Wi-Fi hotspot of their own near the site of the public Wi-Fi. It will likely have a similar name to the legitimate one the business uses. The problem is that all your browsing activity is being routed through the attacker’s network, which would enable them to monitor the traffic. To avoid this, always verify the exact name of the hotspot’s SSID from the business hosting it. Also, make sure you do not see two access points with the same name.
Wi-Fi eavesdropping is growing as an attack vector because more public Wi-Fi hotspots are being installed. Many cities, such as San Francisco and New York, offer free Wi-Fi at various public locations, and more people are taking advantage of it.
The problem is it is very easy for novice hackers to obtains personal information from these public hotspots. Users should consider using a VPN when connecting to a public Wi-Fi hotspot because the benefits of this protection far outweigh the cost of being compromised.
Join the Network World communities on
and
to comment on topics that are top of mind.
