You shouldn’t be any more comfortable with public WiFi than you are with public toilets.
If you turn on the WiFi on your device right now, depending on where you are, you will find somewhere between three and perhaps a hundred available connections. Each of those connections acts as both a mouth and an ear, and there’s no telling how many ears could be plugged into them.
If you’re reading this blog at an airport, say, waiting to board a flight, you will find an open WiFi connection that travellers can use without a password. If you’re at a hotel, you might find one for guests. Let’s look at the airport WiFi: hundreds, or even thousands, of people are connected to it. Some are checking their email, some are watching movies, some are catching up with office work en route to their destinations, some are running financial transactions, and some are simply…listening. They are harvesting as much information as possible, to do as much damage as possible in as little time as possible.
The boarding announcement for a flight is made and a few hundred people shut down their devices and proceed to board, looking around to be sure they are leaving nothing behind, yet not knowing that the “invisible” they have left behind is worth far more than the visible they have taken with them. Some have left behind passwords to the corporate networks of the companies where they work, some have left behind access information to their bank accounts, some have left behind proprietary information on the next product they are working on, and some have left behind very private information that was meant only for their spouses. They have boarded the plane and are airborne; the rest of the story will be on the news—a ransomware attack with payment demanded in bitcoins.
Now this was possible not because it was an airport WiFi, but because it was a WiFi, and the users had little or no understanding of how wireless bullets are fired in cyberwarfare. That is what we’re going to see now: how attackers use WiFi to fire their shots (again, we might get just a bit technical here).
Man-in-the-Middle Attack: This is very common with unsecured (open) or poorly secured WiFi connections. All the attacker has to do here is plug into the network and find vulnerabilities which he can exploit to deploy tools to intercept users’ communications. If these communications are encrypted, he simply decrypts them using other cheap tools, and at the end he has a bag full of login credentials, banking information and other personal data.
Evil Twin: Here an attacker sits in a public place and transmits his own free wireless signal, but gives it the same name as a known WiFi network in that place. So if you’re at the airport, for example, you could see two WiFi networks bearing the name “Airport Guest”; what you wouldn’t know is that one of them is an evil twin. Of course your most natural tendency would be to connect to the one with the strongest signal, which most likely would be the attacker’s, who is seated just a few metres away. So you connect to this network and believe you’re on the airport’s WiFi, but you are right in the centre of his palm, and everything you do he both sees and keeps.
Packet Sniffing: Packets are “capsules” in which the information you send over the internet travels. When this communication is done over a WiFi connection, these packets can be captured by anyone on the network using very simple tools. An attacker capturing the packets can decrypt them if they are encrypted and have everything in plain text for his use—usernames, passwords and all.
Session Hijacking: An attacker on the same WiFi network as you can “clone” your device by changing his device ID (called a MAC address) to the same as yours, then get into an active session that you have running and act as you from that point on—except he will be acting much faster than you. (See the chapter on Hijacked for more on this.)
Other Random Attacks: Malware, spyware and a cocktail of viruses could be dropped on your device by an attacker sharing the same network. Of course this malware has been programmed to execute malicious code that will achieve the objectives of the attacker, whether it is simply to spy on you persistently, or to spread itself across your corporate network when you get back to the office, or to encrypt your files and demand a ransom; the malware, once safely deployed, would take its place and do its job. In this case, unlike other naïve WiFi users at the airport who left behind the invisible, you are not leaving anything behind, but you’re taking the invisible with you. Again we will watch the news for the rest of the story.
Marching Orders
- Don’t be any more comfortable with public WiFi than you are with public toilets.
- Use a licensed VPN on your connecting device to add a layer of encryption.
- If you see multiple public WiFi networks bearing the same name, forget about connecting; dump the idea altogether, unless you can verify from the owners which is which.
- Do not perform any financial transactions over open WiFi connections.
- Do not perform any task that requires user login or authentication over open WiFi connections. Don’t log in to your office network, school portal, not even to a candy store. If the task you intend to undertake requires login, forget about it; find other ways to work online or offline and then log in when you have a more secure internet connection.
- In all your communications over such networks—which should be few to none—do not share any sensitive information.
- Do not configure your device to remember public networks and connect to them automatically; ensure that this is disabled, otherwise your device could automatically connect to an evil twin from your pocket on your next visit.
- Configure your personal WiFi connection with maximum security; this should include very strong passwords, possibly disabling broadcast of your WiFi name, and other security features available on your device.
- As always, sound the battle cry to those around you—“Be careful what you do after you click ‘Connect’; you might be ranting on the same ship with the attacker.”
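To make the Evil Twin description and the "multiple public WiFi networks bearing the same name" order concrete, here is an added example (not part of the original post) that checks a WiFi scan for a name advertised by access points that disagree on vendor prefix or security mode. It assumes scan lines in the terse format printed by `nmcli -t -f SSID,BSSID,SIGNAL,SECURITY device wifi list`; the function names are hypothetical and every network in the sample is constructed.

```python
import re
from collections import defaultdict

# Constructed sample in the terse nmcli format named above; nmcli escapes
# the colons inside a field as "\:". An empty last field means no encryption.
SAMPLE_SCAN = r"""
Airport Guest:3C\:52\:A1\:00\:10\:01:54:
Airport Guest:3C\:52\:A1\:00\:10\:02:47:
Airport Guest:02\:1A\:11\:F0\:9B\:7E:92:
Lounge WiFi:3C\:52\:A1\:00\:20\:01:60:WPA2
Lounge WiFi:3C\:52\:A1\:00\:20\:02:41:WPA2
CoffeeCorner:88\:DC\:96\:4F\:00\:0A:71:
"""


def parse_scan(text):
    """Return a list of (ssid, bssid, signal, security) tuples."""
    aps = []
    for line in text.strip().splitlines():
        # Split on colons that are not escaped, then undo the escaping.
        fields = [f.replace("\\:", ":") for f in re.split(r"(?<!\\):", line)]
        if len(fields) != 4 or not fields[0]:
            continue  # skip malformed lines and hidden (empty) SSIDs
        ssid, bssid, signal, security = fields
        mode = "OPEN" if security in ("", "--") else security
        aps.append((ssid, bssid.upper(), int(signal), mode))
    return aps


def suspicious_ssids(aps):
    """Flag names whose access points disagree on vendor prefix or security."""
    by_ssid = defaultdict(list)
    for ap in aps:
        by_ssid[ap[0]].append(ap)
    findings = {}
    for ssid, group in by_ssid.items():
        ouis = {bssid[:8] for _, bssid, _, _ in group}   # first 3 MAC bytes
        modes = {mode for *_, mode in group}
        if len(group) > 1 and (len(ouis) > 1 or len(modes) > 1):
            # The strongest signal is the one a device tends to pick.
            strongest = max(group, key=lambda ap: ap[2])
            findings[ssid] = {"ouis": sorted(ouis), "security": sorted(modes),
                              "strongest_bssid": strongest[1]}
    return findings


if __name__ == "__main__":
    for name, detail in suspicious_ssids(parse_scan(SAMPLE_SCAN)).items():
        print(name, detail)
```

This is a heuristic only: large venues legitimately mix hardware vendors, and an attacker can copy a real access point's address, so a hit is a reason to ask the owner which network is genuine and a clean result is not proof of safety.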