Wi-Fi in public places: Think twice and use encryption

Do you stop to think before joining a wireless network or is the convenience of free Wi-Fi in the street, at the café or on the bus just too tempting?

You may not realize it, but the person running that wireless access point has the ability to see all of the data going through it. If the data is sent “in the clear” they may be able to tell a lot about you: what messages you are sending, what web pages you are visiting, what your passwords are.

Fortunately, most information these days is sent over encrypted connections, which makes this type of snooping harder, but there are still tricks that hackers can use to divert your connection to malicious sites. Would you recognize a fake site or an unencrypted connection? That can be very hard, even for an expert.

So you might want to think twice before launching that link. Ask yourself, is this Wi-Fi service provided by an organization you trust? If not, just delay sending that email or tweet for a bit.

If you can’t wait, here are the things you need to be aware of. It’s relatively easy for hackers to set up a rogue or evil-twin network and give the network a name that’s the same as or similar to a company that you might have reason to trust. You need to look closely for tip-offs, like a misspelled word on the connection page or a suspicious looking URL. Just because it calls itself “Airport free wireless” does not necessarily mean it belongs to a legitimate Wi-Fi provider sanctioned by the airport.

Some sites might require a password and others might not, but typically passwords in hotels and coffee shops are made available to everyone, so don’t think that entering a password protects you. Some Wi-Fi networks provide encryption through the Wi-Fi Protected Access (WPA) protocol. But even then, you should make sure any traffic you send over the wireless network is encrypted – not just by the wireless protocol itself, but by means of a VPN or natively as part of the protocol. And you need to make sure you only visit secure Web sites via HTTPS connections.

Attackers have a number of tricks in their bag, such as DNS hijacking, where your Web page request is intercepted and you are sent to a fake site. In addition to the potential for an adversary to eavesdrop on communications, connecting to unknown wireless networks can expose you to the risk of an adversary compromising your device. Hackers can use a “captive portal” (the web page that gets thrown up when connecting to a network) to serve up code that exploits browser vulnerabilities and serves as a vector for remote code execution. This allows for the installation and execution of an implant such as a remote access Trojan that enables the hacker to take over your device.

So, if you have to work in a public place, be careful. Don’t let people look over your shoulder. Think about what type of work is appropriate in a public location. Be on the lookout for fake networks. And always make sure you use encryption.


Rhodri-Davies-headshotDr. Rhodri Davies works in the Managed Security Services section of DXC where he concentrates on the technologies required to secure DXC’s clients and the way those technologies are operated day-to-day in order to provide an effective service.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: