Home ShawThing It is so easy to hack public Wi-Fi

Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

It is so easy to hack public Wi-Fi

Over the past two weeks, I have encountered three fake public Wi-Fi SSIDs.

If I was not vigilant, and by coincidence was testing a new phone so the Wi-Fi list was empty, I may not have noticed and my use would be exposed to hackers.

First, was in a Westfield Shopping Centre where “Westfield Level 5 Guest” popped up. Suffice to say that is not the correct SSID (Service Set Identifier) for Westfield and judging by the signal strength was probably a nearby smartphone being used as a hotspot.

Next was at a hotel on the central coast I was staying at. Again, the hotel name and the word guest were well up the list but I knew that this was wrong as it was unsecured — no lock symbol — and I had been given a password.

Finally, a Sydney CBD coffee shop where I usually retreat to between interviews advertises free Wi-Fi and there it was – free and unsecured but just below the proper spelling of the café name with a secured connection.

These are not isolated incidents – in my recent travels in the US, New Zealand and inter/intrastate, I have found numerous instances of free, unsecured Wi-Fi that was potentially risky.

I mentioned that I was using a review phone and it alerted me to new SSIDs it encountered instead of blindly logging on – a convenient feature of most smartphones if they have encountered the SSID before. My day use phone is protected by Norton for Android that constantly reminds me of the dangers of free Wi-Fi and I use a VPN for added protection.

As this is a growing threat I asked NordVPN to provide some generic background on the issue. To be fair there are several reputable VPN companies as well as Norton (that provided the graphic at the end) and other security companies all of which will give similar advice – make sure you know the SSID, don’t use unsecured SSID, and all categorically state use a VPN.

NordVPN pointed to a study by Private Wi-Fi that although dated, stated that 79% of users don’t use a VPN with free Wi-Fi and indulge in risky business. And over 50% connect to free Wi-Fi at least weekly and 46% were blissfully ignorant of the risks of free Wi-Fi.

Kent Lawson, founder, and chief executive of Private Wi-Fi, said it all, “Every day we read about public areas like parks, train stations, and schools adding free public Wi-Fi, but we are not hearing about what this means for individuals using these services, the hazards that prowl, or how to protect ourselves. The public needs to know just how easy it is for hackers to hack into these public airwaves and steal your private information right out of thin air.”

NordVPN has identified three common ways that a hacker can take advantage of an unsecured or spoofed Wi-Fi hotspot.

Honeypot Wi-Fi. The most common threat is still a hacker positioning himself as a Wi-Fi hotspot - the so-called honeypot Wi-Fi. When that happens, a Wi-Fi user will be sending their information to a hacker instead to a legitimate Wi-Fi spot - and that could include credit card information, private emails, and any other sensitive information. This technique is very easy for hackers, as Wi-Fi spots rarely require authentication to establish a connection.

Wireless sniffers. Hackers can use sniffers, software, and hardware designed to intercept and decode data when transmitted over a wireless network. It is very easy to monitor and decode another person’s private data.

Shoulder surfing. Although not a tech-based threat there can be data thieves lurking around, who will watch over a shoulder to memorize passwords or credit card information that one enters into their device. Just as it’s important to be careful when entering a PIN number into an ATM machine, it’s important to make sure no one is looking over a shoulder when going online at a public Wi-Fi spot.

Simple rules to help make free Wi-Fi safe

Use a VPN. The best and most effective way for any traveller to protect their data is to use a VPN (Virtual Private Network). A VPN service encrypts all the traffic flow between the Internet and a device hiding user’s IP address and making it impossible for a hacker to see the plain text.

Disallow automatic wireless network connection. Make sure automatic wireless connection are not turned on, and Wi-Fi is turned off when it’s not being used – this will prevent hackers from automatically connecting to your device.

Sharing settings should NOT be set to Public. To prevent anyone from finding and accessing one’s device, it’s important to make sure System’s Settings are not set to Public sharing.

Be vigilant. It’s always important to know who’s around to avoid shoulder surfing or any other suspicious activities.

Don’t practice risky behaviour.

VPN risk

NordVPN also suggested using a firewall. Take care; there are more than 250 “firewalls” on Google Play and most require Android rooting – avoid these.

 wifi hidden dangers 663x237 

LEARN HOW TO BE A SUCCESSFUL MVNO

Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service

DOWNLOAD NOW!

Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!