The Tools to Fight Public Wi-Fi Hackers

The Tools to Fight Public Wi-Fi Hackers

10 October 2018

Everybody is talking about home internet security to the point where it sometimes seems excessive. Yes, we get it – use reliable antivirus software, don’t open sketchy websites or suspicious emails. That’s about it when it comes to basic home security, but not many people talk about safety in coffee shops, fast food joints or bars, because by default they sort of seem safe, right? Well, the truth is that connecting to a free Wi-Fi hotspot might seem like a harmless idea, but in reality, it’s just as risky as those pop-up websites offering free money. Hackers love lurking near public Wi-Fi hotspots, as if though they’re checking their Twitter account. On the contrary, they’re probably more interested in your Twitter account or even bank card information.

A survey by Symantec has concluded that 60% of Americans believe that their data is safe when using Wi-Fi, and half of these people are convinced that it is not their responsibility to ensure data safety. Another study by Norton has highlighted that 87% of their respondents from all over the world have potentially put their information at risk while on public Wi-Fi. Not cool, is it? Well, the good part is that with a few rules you can dodge potential Wi-Fi hijackers. But first, let’s talk about the most common tricks these hackers are using.

Man-in-the-Middle Attack

You could say that this is the more technical way of stealing your data. Just like the name suggests, Man-in-the-Middle attacks are based on getting in between you and the router. The goal is to find hotspot security flaws and take over the network. Once that is done, hackers can track and manage anything that flows online. For most cybercriminals getting between the router and the victim is a piece of cake for several reasons:

  • most customer service establishments use weak passwords, so they naturally become more susceptible to being hacked;
  • some Wi-Fi hotspots don’t use a password at all, which is basically a free pass for a hacker;
  • not every establishment uses encryption, which significantly increases the possibility of hacker attacks. IUNGO routers offer a good solution because any data sent from your phone to the router is already encrypted and hack-proof. This is something that default router configurations and setups usually lack.

These attacks are very straightforward, and even though they’re based on actual hacking skill, it still narrows down to exploiting human error, such as choosing a poor password. Think of MITM attacks as the heavy artillery of hacking in public Wi-Fi hotspots. Theft is only one side of the medal because hackers can do much more harm by spreading malware and spyware, using hotspots to committing crimes, thus bringing long-term damage.

Rogue Hotspots

Now, this method is pure social engineering and something that should surprise you. Here’s a scenario that people often go through without even knowing what’s going on. Let’s say that you wander into a random sandwich shop, get your usual BLT and a cup of pitch-dark coffee on the side, while realizing that there’s no public Wi-Fi. You get a little angry and frustrated, start packing your stuff, and then suddenly a hotspot called “FreeSandwichWifi” appears on your laptop screen, putting a wide smile on your face.

After 30 minutes of going berserk on social media, checking your email, bank balance, making transfers and sharing personal details you realize something odd. One of the customers asks an employee about free Wi-Fi, only to hear that they never had an open hotspot. “What about the hotspot I’m using?” you start shouting to the employee, as a man next to you quietly packs up and leaves the establishment. Nobody is sure what’s happening, but it’s most likely that the mysterious man walked out knowing your credit card number and just about any password you have used. No, you didn’t connect to a public Wi-Fi. That was a rogue hotspot set up by a hacker who secretly observed your activity while you were connected to his network.

This is one of the easiest ways to exploit people because it basically requires no skill, except for some clever deception. Infamous hacker Kevin Mitnick has emphasized many times that social engineering through exploiting human error is far easier than using elaborate hacking techniques. In this case, hackers take advantage of the fact the people are hungry for Wi-Fi and are willing to connect to anything that’s open and free. And while stealing somebody’s password in a coffee shop is not on the same scale as Mitnick’s exploits, it is a good example of how dangerous even an innocent afternoon lunch can be.

How to Fight Back?

Nobody wants their day ruined by some petty cybercriminals snooping around your private life. But that doesn’t mean you should not use public Wi-Fi hotspots. Every modern person has the right to the safe internet, and that includes you. Just keep in mind a couple of rules the next you visit a coffee shop.

First of all, you must make sure that the establishment actually has free Wi-Fi. Once you come into a coffee shop, find out their hotspot name and stick to it. Don’t make compromises on similar sounding alternative hotspots or anything else that signals “free”, because it could be a sign of a rogue hotspot. And remember to keep the sharing option off when connected. Also, don’t forget to sometimes peek on your URL – make sure that it always starts with “https”. A different combination is a clear sign that your network has been compromised, which is also a sign that you need to disconnect from the hotspot.

IUNGO network offers a safe solution with secure authentication and authorization mechanisms. This is done through a special app and router using hotspot 2.0 technology, which allows seamless network discovery and connectivity. The password will be passed on safely, without humans interacting.

The main rule to protecting yourself from cybercriminals is about having several layers of protection. The more you have, the more difficult it is to exploit you.  To wrap it up, keep in mind that some data is better to be checked using private hotspots. Even if you follow all of these steps, refrain from searching, typing or sending certain information while on public Wi-Fi hotspots. The rule is simple – don’t show anything that you’re afraid to lose.