Free public WiFi is now available in many places. Airports, hotels and cafes offer a free internet connection as an added benefit of using their services. For many people, being able to connect to free internet on the go seems ideal. This is especially useful for the traveling business person, who can now access their work email or share documents online.

However, using public Wi-Fi hotspots comes with greater risks than many Internet users might realize, and most of these risks involve man-in-the-middle attacks.


Man in the Middle Attack

A Man-in-the-Middle (MitM) attack occurs when an attacker manages to intercept communications between two parties. There are different types of MitM attacks, but one of the most common is to intercept a user's request to access a website and send a response with a fraudulent web page that looks identical. This can happen to almost any website, from online banking to file sharing and email providers.

For example, if Alice is trying to access her email and a hacker manages to intercept the connection between her device and her email provider, he can perform a MitM attack, luring her to a fake website. If a hacker gains access to her username and password, he can use her email to perform more malicious activities, such as sending phishing emails to Alice's contact list.

Therefore, the man in the middle is a third party capable of intercepting data transmitted between two points by posing as the original. MitM attacks are typically launched to trick users into entering their sensitive data into a fake website, but they can also be used to simply intercept a private conversation.


Listening to WiFi

WiFi eavesdropping is a type of MitM attack where a hacker uses public WiFi to monitor the activities of anyone who connects to it. The information intercepted can range from personal data to internet traffic.

Typically, this is done by creating a fake Wi-Fi network with a name identical to the real one. The fake name of a hot spot is often very similar to the name of a nearby store or company. This is also known as the evil twin method.

For example, a consumer might walk into a coffee shop and realize that there are three WiFi networks with similar names: CoffeeShop, CoffeeShop1 and CoffeeShop2. Most likely, one of them belongs to a scammer.

Hackers can use this technique to collect data from any device that makes a connection, ultimately allowing them to steal login credentials, credit card information, and other sensitive information.

WiFi eavesdropping is only one of the risks associated with public networks, so it is always preferable to avoid using them. If you do need to use public Wi-Fi, be sure to check with a staff member to ensure it is genuine and secure.
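The check described above can be sketched as a heuristic over a list of visible networks. This is an added example, not part of the original article; the scan entries, the `normalize` and `find_suspects` names and the rules themselves are assumptions chosen for illustration, and a finding only means the network is worth confirming with staff.

```python
import re
from collections import defaultdict

# Constructed scan results (not captured from a real network):
# (SSID, BSSID, security) as a Wi-Fi scan would list them.
SCAN = [
    ("CoffeeShop",  "aa:bb:cc:00:00:01", "WPA2"),
    ("CoffeeShop",  "aa:bb:cc:00:00:02", "WPA2"),  # a second access point is normal
    ("CoffeeShop",  "de:ad:be:00:00:09", "OPEN"),  # same name, weaker security
    ("CoffeeShop1", "12:34:56:00:00:07", "OPEN"),
    ("CoffeeShop2", "12:34:56:00:00:08", "OPEN"),
    ("HotelGuest",  "77:88:99:00:00:01", "WPA2"),
]

def normalize(ssid):
    """Fold case and drop trailing digits so look-alike names compare equal."""
    return re.sub(r"[\s_\-]*\d+$", "", ssid.strip().lower())

def find_suspects(scan):
    """Return {base_name: [reasons]} for names that should be confirmed first."""
    groups = defaultdict(list)
    for ssid, bssid, sec in scan:
        groups[normalize(ssid)].append((ssid, bssid, sec))

    findings = {}
    for base, aps in groups.items():
        reasons = []
        # Rule 1: several distinct names that collapse to the same base name.
        names = sorted({ssid for ssid, _, _ in aps})
        if len(names) > 1:
            reasons.append("look-alike names: " + ", ".join(names))
        # Rule 2: one exact name offered with different security settings.
        # Several BSSIDs alone are not flagged: real venues run many APs.
        by_ssid = defaultdict(set)
        for ssid, _, sec in aps:
            by_ssid[ssid].add(sec)
        for ssid, secs in sorted(by_ssid.items()):
            if len(secs) > 1:
                reasons.append(f"{ssid!r} advertised with mixed security: "
                               + ", ".join(sorted(secs)))
        if reasons:
            findings[base] = reasons
    return findings

if __name__ == "__main__":
    for base, reasons in find_suspects(SCAN).items():
        print(base, "->", "; ".join(reasons))
```
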


Traffic Analyzer

Sometimes attackers use special computer programs to intercept data. These programs are known as traffic analyzers and are often used by IT professionals to record digital network traffic, making it easier for them to detect and analyze problems. These programs are also used to monitor the dynamics of Internet browsing in private organizations.

However, many of these traffic analyzers are used by attackers to collect sensitive data and commit illegal activities. Thus, even if nothing bad happens at first, victims may find out later that someone has committed fraud using their identity or that their company's confidential information has somehow been leaked.


Cookie Theft and Session Hijacking

Essentially, cookies are small packets of data that web browsers collect from websites to store some user information. These data packets are typically stored locally (as text files) on the computer so the website recognizes the user when they return.

Cookies are useful because they make it easier for you to use frequently visited websites. For example, cookies allow users to remain logged in without having to enter their credentials each time they visit a particular website. They can also be used by online stores to record items that customers have previously added to their shopping cart, or to monitor Internet surfing.

Since cookies are simple text files, they cannot contain a keylogger or malware, so they will not cause any harm to your computer. However, cookies can be dangerous from a privacy perspective and are often used in MitM attacks.

If attackers can intercept and steal the cookies you rely on to access websites, they can use that information against you. This is called cookie theft and is often associated with what we call session hijacking (TCP Hijacking).

Successful session hijacking allows the attacker to impersonate the victim and use websites on their behalf. This means they can use the victim's current session to access personal email or other websites that may contain sensitive data. Session hijacking typically occurs on public Wi-Fi hotspots because they are easier to monitor and much more vulnerable to MitM attacks.
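Whether a cookie can be read by someone monitoring a shared network depends largely on the attributes the website sets on it. The following added example (not part of the original article) audits `Set-Cookie` headers for the attributes that matter here; the header values and the `parse_set_cookie`, `exposure` and `report` names are constructed for illustration.

```python
# Constructed Set-Cookie headers, as a site might send after login
# (sample values, not taken from a real site).
HEADERS = [
    "sessionid=abc123; Path=/; HttpOnly",
    "sid=9f8e7d; Path=/; Secure; HttpOnly; SameSite=Lax",
    "cart=3; Path=/; Max-Age=86400",
]

def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, {attribute: value})."""
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name, _, _value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()  # attribute names are case-insensitive
    return name.strip(), attrs

def exposure(header):
    """List the weaknesses that matter when the network may be monitored."""
    name, attrs = parse_set_cookie(header)
    issues = []
    if "secure" not in attrs:
        # Without Secure the browser also attaches the cookie to plain HTTP
        # requests, which anyone on the same Wi-Fi can read.
        issues.append("sent over plain HTTP too")
    if "httponly" not in attrs:
        issues.append("readable by page scripts")
    if "max-age" in attrs or "expires" in attrs:
        # A persistent cookie stays usable for longer if it is stolen.
        issues.append("persists after the browser closes")
    return name, issues

def report(headers):
    """Return {cookie_name: [issues]} for cookies with at least one weakness."""
    return {name: issues for name, issues in map(exposure, headers) if issues}

if __name__ == "__main__":
    for name, issues in report(HEADERS).items():
        print(f"{name}: {', '.join(issues)}")
```
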


How to protect yourself from MitM attacks?

  • Disable the setting that allows your device to automatically connect to public WiFi networks.

  • Turn off file sharing and sign out of accounts you don't use.

  • Use password-protected WiFi networks whenever possible. When there is no choice but to use a public WiFi network, try not to send or access sensitive information.

  • Update your operating system and antivirus.

  • Avoid any financial activity while using public networks, including cryptocurrency transactions.

  • Use websites that use the HTTPS protocol. Keep in mind, however, that some hackers spoof HTTPS, so this measure is not completely reliable.

  • It is always recommended to use a Virtual Private Network (VPN), especially if you need access to sensitive or business-related data.

  • Beware of fake WiFi networks. Don't trust a WiFi name just because it looks like a store or company. If in doubt, ask an employee to confirm the authenticity of the network. You can also ask if they have a secure network that you can use.

  • Turn off your WiFi and Bluetooth when you are not using them. Avoid connecting to public networks unless necessary.


Conclusion

Cybercriminals are always looking for new ways to access people's data, so it's important to stay informed and stay vigilant at all times. Here we have discussed some of the risks that public WiFi can pose. While most of these risks can be mitigated by simply using a password-protected connection, it is important to understand how these attacks work and how you can avoid becoming the next victim.