You do not need Wi-Fi so badly that it’s worth risking all the data on your phone or computer.
That should be the end of my blogging on this tip. But, well, human nature and all… it won’t stick without further details and even a workaround to the rule. So, here we go!
When you are sharing a Wi-Fi connection with other users and/or devices, you’re all exposed to the same local network traffic. Any unencrypted traffic is available for all to see. If just one device on the network is infected with malware, it may be designed to sniff the network for everything it can find.
Ask yourself these questions when joining a Wi-Fi network:
- Do you trust that EVERY person’s device on the network is free of Malware?
- Do you trust that EVERY device that is connected to the network before you arrived at the Wi-Fi was free of Malware?
Note that the question is not about the people themselves, it is aboout how well versed they are in security in order to protect their devices from infection. The answer should be NO…. you do not know that their devices are secure.
What is the risk?
Anybody can create a Wi-Fi network. Smartphones have a feature called Hot Spot which can create a Wi-Fi name using the public location you’re in (e.g., an airport name if you’re in an airport). People are fooled by the duplicate name and join the Hot Spot instead of the real airport Wi-Fi. Now all your internet traffic is being routed through the bad actors Wi-Fi. Using software, they can capture everything you’re sending and receiving.
Alternatively, the person need not even be present for the most common malware for Wi-Fi devices. It is called a MitM attack. This means “Man-in the-Middle”. Once an infected device connects to the network, it sniffs for weaknesses on the router such as the use of default passwords or poor password strength. This isn’t YOUR password; this is the password on the Router that serves as the Wi-Fi. Once the vulnerability is found, they will insert themselves in between the user’s computer and the websites that the user visits. They intercept the messages or information being transmitted between the two, such as passwords and payment card data. They can have this information forwarded to wherever the nefarious actor wants (allowing them not to be present during the attack).
What is the workaround?
If you must connect to a public Wi-Fi network or a private unsecured Wi-Fi network or a large Wi-Fi secured Wi-Fi network, the advice is the same… use a VPN. A VPN connection creates an encrypted tunnel for your internet communications to be routed through. The router of the Wi-Fi network, and all computers connected to it, cannot see into the encrypted connection.
This News Clip video explains the Wi-Fi impersonation attack well:
This is a good video about Man in the Middle attacks. This video probably explains this entire topic better than I have done. Please have a look.
Another tip within this tip: Use Ethernet instead of Wi-Fi if available. Ethernet is ALWAYS more secure than Wi-Fi connections. This doesn’t negate the need to connect using a VPN.