Digital fingerprints: the data you leave behind…

Understanding the risks of public wifi and the different ways in which your information, privacy and security are being compromised will have you think twice before joining an unsecure network. Connecting to public wifi is the equivalent of leaving your front door open when you leave your home. If no precautions are implemented you are welcoming hackers to ransack your device. When connected to public wifi your device sends information over the network in clear text, allowing hackers to view sensitive information with minimal effort applied.

Fake wifi connections

Hackers will create a fake access point using any device with internet capabilities to mimic the same name as a genuine wifi connection. When the user connects to the fake wifi connection any data transmitted will go directly to the hacker.

How to protect yourself? Be cognisant of the wifi names populated on your list of available wifi connections. Review the list and be suspicious if two similarly named wifi connections are available. If you are trying to connect while at a well-known establishment (restaurant, café, place of business etc.) speak with the staff onsite, have them provide you with the correct information. Additional precautionary measures are to always connect using a virtual private network (VPN). Utilising a VPN establishes a level of encryption between the end-user and a website, intercepted data is unreadable without the correct decryption key.

Man in the Middle attacks (MITM)

Using public wifi makes the user vulnerable to MITM attacks. Hackers will intercept information by breaking the direct connection between the client and the server, rerouting unencrypted data.

How to protect yourself? Do not access websites that require you to login with your personal information; this information is vulnerable to data theft. When connecting to a website, review the URL to ensure an HTTPS (S- means secure) connection is being utilised.

Krack Attack

A newly discovered vulnerability known as the Krack Attack can be executed by an attacker who is within range of a wifi network. The attacker could sniff (view) the collection of information over an unencrypted network via the use of data packets. The gathered information can then be viewed using free software, to look for passwords, login credentials and additional private information captured during the users’ public wifi session.

How to protect yourself? Be cognisant of the websites and information you enter over public wifi. Rely on the use of encryption such as HTTPS, VPN (Virtual Private Network) and SSL (secure connection) certificates (creates a secure and private connection).

Being aware of your surroundings

When using public wifi, be cautious of your surroundings, avoid visiting private websites, filling out applications which contain personal information and remain alert of individuals in your vicinity. It is very easy for someone to snoop over your shoulder and review the data you are entering or what you are typing.

Now that you are aware of a number of public wifi attacks, here are some tips to help stay protected:

• Use a VPN when connecting to a public network. A VPN creates a private and secure connection, encrypting your information providing the security necessary to keep your data protected. VPN services can be purchased and installed on all of your devices from laptops to mobile devices.
  
  
• Before connecting a computer (Windows or Mac) to a public network, make sure to disable sharing (network discovery, file and printer sharing). If kept enabled, you are allowing people the ability to access your device.  
  
  
• Ensure that your firewall is enabled when on a public network. The firewall will protect you from unwanted and potentially harmful incoming connections.
  
  
• Purchase a subscription to a known hotspot service whether through your mobile network provider or a third party company.
  
  
• Keep your operating system and mobile applications up to date. Often the updates created for your operating system or applications pertain to security fixes needed to keep your device protected. When the updates are made available, the security hole becomes public knowledge; making your device vulnerable to attacks the longer it stays unpatched. By ensuring that you are running the “latest and greatest” versions of an operating system or application, limits your exposure to compromise.
  
  

With attackers looming in the shadows and technology driving the world, take the extra steps to protect your device/information. Always use best practices and ensure security when using public wifi.

Author

• Michael Joudeh, Director
• Jose Bevilacqua, Associate Director