Now that many remote workers start to take advantage of working somewhere other than their home, Ethical Hacker Allena discusses the dangers of using public Wi-Fi.
Café’s, shopping centres, hotels and airports.
All places you would expect to find often free public Wi-Fi. Session hijacking, man in the middle, packet sniffing and malware spreading. All forms of attacks you leave yourself vulnerable to when connected to public Wi-Fi. This can result in the loss of personal and sensitive data including bank information and passwords.
A man in the middle attack is when a hacker will monitor traffic between the victim and a public Wi-Fi connection. It allows for packet sniffing, where hackers wait for the victim to login then steal the information as it’s being transferred.
Similarly, hackers can take control of your device. This is called session hijacking and done by pulling the victims sessions ID using packet sniffing techniques. Once hackers have control of your device, they can now also implement malware onto your device potentially to steal more data or revisit at a later time.
“Well sometimes I need to connect to Wi-Fi in public spaces. What am I supposed to do?”
Here are some tips for keeping safe when in need of Wi-Fi in a public space.
- Try using mobile data and hotspot devices to it and avoid using public Wi-Fi where possible.
- Be sure to create a strong password for connecting to the hotspot that is not easily guessable.
- If it is a necessity to connect to public Wi-Fi, do not access any sensitive or personal data when using it. This includes bank accounts, making purchases online and logging into online accounts. Hackers can steal this information. Especially if you reuse passwords across different accounts.
- Be aware of what Wi-Fi you choose to connect to. Check it is a trusted source and not just any random available Wi-Fi connection that pops up.
- Consider using a VPN while using public Wi-Fi. This will then encrypt data you send and receive on Wi-Fi providing some protection from hackers stealing data if intercepted.
- To prevent interception when web surfing, be sure to only visits secure websites. This means ensuring that the URL begins with HTTPS.
- When using devices in public, always be aware of who is looking over your shoulder. If you regularly work in public, consider investing in a privacy screen for your laptop. Also be sure to never leave your devices unattended!
- If all fails, be sure to have two-factor authentication turned on wherever possible. This can prevent hackers gaining access to any online account you may have as it’ll have to be verified from a second device.
This is another important reason why it is important to have different passwords across different accounts!
SBRC’s ethical hacking team can provide a series of cyber led presentations as part of our Professional Cyber Services. Click here to find out more.