Posted 9 Dec 2019

Cyber security. The risks of hacking on public wifi networks

Laurent Halimi blog profile image

By Laurent Halimi

Available in cafés, restaurants, hotels, airports, ... free Internet access makes life easier. But their use is not without risks. Here are the main dangers we face and the right reflexes to avoid being hacked.

In general, the Wi-Fi networks found in public places are not well protected. They often rely on encryption protocols that are too simple or sometimes not encrypted at all.

In some cases, your confidential information (passwords, credit card numbers...) can be intercepted by hackers.

In addition, hackers can play with the content of your downloads, display you an altered Web page or offer you a malicious application by making it look like a trusted application.

Users of public wifi networks are therefore at the mercy of hackers.

The risks of public wifi networks


Features that make free Wi-Fi hotspots interesting indeed offer hackers new opportunities, such as the fact that no authentication is required to establish a network connection.

Such situations give them a tremendous opportunity to freely access unsecured devices on the same network.

They also have the ability to stand between you and the connection point, a configuration that represents the biggest threat in terms of free wifi security.

Thus, instead of communicating directly with the access point, you send your information to the hackers, who then relay it.

Meanwhile, hackers can access each of the information you send on the Internet : important emails, credit card data, or even identification data that allows access to your corporate network. Once the hackers have this information, they can, at their discretion, access your systems on your behalf.

Hackers also have the ability to use an unsecured wifi connection to broadcast malicious programs. If you allow file sharing on a network, the hacker can easily install infected software on your computer.

Some ingenious hackers have even managed to hack the connection point itself, thus managing to open a pop-up window during the connection process to propose an upgrade of popular software. When the user clicks on the window, a malware is installed.

As mobile Wi-Fi connectivity becomes more common, it is expected that Internet security issues and the risks associated with public Wi-Fi networks will increase.

This does not mean that you should avoid any free wifi connection and stay nailed to your desk. The vast majority of pirates simply attack easy prey. Therefore, it is usually only necessary to take a few precautions to keep your information safe.

Here are some useful tips from the Kaspersky Lab team of Internet security experts :

Use a virtual private network (VPN)


A VPN (virtual private network) connection is essential when you access your corporate network via an unsecured connection, such as a Wi-Fi access point.

Even if a hacker succeeds in getting in the middle of your connection, the data there will be heavily encrypted.

Since most hackers prefer easy prey, they will not embarrass themselves with stolen information requiring a tedious decryption process.

Use SSL connections


If you are unlikely to have a VPN connection while surfing the Internet in general, there is nothing to prevent you from adding a level of encryption to your communications.

Activate the "always use HTTPS" option on websites that you visit frequently or that invite you to enter identification data.

Remember that hackers know very well that users use the same login and password for forums, their bank or their corporate network.

Sending these identification data without encryption risks opening a gap in which an ingenious hacker will rush into.

Most websites that require the opening of an account or the input of identification data offer the option "HTTPS" in their settings.

Disable sharing


When you connect to the Internet in a public place, it is unlikely that you want to share anything. In this case, you can disable the sharing option in the System Preferences or control panel, depending on your operating system, or let Windows disable it for you by selecting the "Public" option the first time you connect to a new unsecured network.

Leave the wifi feature disabled when you don't need it


Even if you are not actively connected to a network, the Wi-Fi equipment on your computer continues to transmit data over the network (s) located at a certain distance.

Security measures have been put in place to ensure that this minimal mode of communication does not compromise the security of your data.

However, all wireless routers are far from identical and hackers can sometimes be resourceful.

If you are using your computer only to work on a Word or Excel document, leave the wifi feature disabled. What's more, your battery life will be longer.