CYBER BLOG: Wi-Fi Woes - Part III

CYBER BLOG: Wi-Fi Woes - Part III

So far in this series we have covered the basics of Wi-Fi and the way in which your devices can leak information about your movements and devices. This time we will look a bit more about the dangers of connecting to Public Wi-Fi hotspots.

Sometimes when you connect to a Wi-Fi network, there is no need for you to enter a password, these are “unsecured” networks. Sometimes you will be taken to a “landing page”, a web page in your browser asking you enter a username or agree to terms and conditions about the use of these networks.

These networks are known as “Unsecured” networks. When your device sends a request to visit a web page the request sent is unencrypted, or sent in ‘plain text’. This means that anyone within range can capture this traffic and between you and the router and see what is being sent. The only way to prevent this is to ensure that the websites that you are visiting are using “HTTPS” and not “HTTP”. If the website is using HTTPS, then the traffic will be encrypted. If you are using an unprotected Wi-Fi hotspot it is vital that you do not enter any details to a webpage, especially if it is not using HTTPS.

Sometimes, you will be prompted to enter a Wi-Fi password. Typically the establishment will tell anyone who wants to know what the password is. These Wi-Fi networks are often seen as “Secure”. The purpose of the password is to encrypt the information that is going between the device and the router. The issue is that anyone with the password can unencrypt this traffic and the same problems as with “unsecured” networks exists.

This however is not the only issue with using public Wi-Fi. It is very easy for a hacker to set up a Wi-Fi hotspot. This network could be made to look like an existing network, it could even be made to look like a network that you have previously connected to and tricking your device to connect to this “rogue” network instead of the genuine one. This type of attack could even trick your device in to connecting to the rogue network even if you are not meaning to connect to Wi-Fi.

If this happens, then the hacker can not only see all the traffic that your device is sending and receiving but they can also modify this traffic. This could be something as simple as changing the images that appear on a website or tricking you in to downloading a malicious file to give them control of the device.

The best way to avoid these types of attack is to not use public Wi-Fi and make sure that your Wi-Fi is turned off when you are not in range of a trusted network such as your home network. If you must connect to a public Wi-Fi network, then the best advice is to ensure that you are using a VPN, a Virtual Private Network. VPN’s encrypt all traffic from your device to the internet.

To find out more about your Wi-Fi networks or any of the other work that the hackers do, email [email protected].

Related News

Member Log-In

Welcome to the SBRC Members Lounge, login details will be issued to members in due course.

Forgot password?