How to stop hackers from stealing your information on public Wi-Fi
By ARTHUR BAXTER thenextweb.com
You enjoy “free internet” through
Wi-Fi hotspots at libraries, coffee shops, bars, and other public places. It
seems harmless. Little do you know, a stranger could know your birthplace, the
schools you attended, and your recent search history in 20 minutes.
Just a couple of years ago, strangers could log in as you on Facebook if you were on
the same Wi-Fi network as them. They’d be able to view and send messages from
your account, and even post statuses.
You don’t have to swear off public Wi-Fi for the rest of
your life, and it’s not entirely the venue’s fault. Instead, let’s figure out
why public Wi-Fi is so attractive to hackers and explore how they steal your
information. We’ll share a simple solution that protects you from the vast
majority of hackers’ strategies and tactics.
Why public Wi-Fi? And how?
Most public connections are either unsecured or have shared
passwords. Public Wi-Fi makes for an easy target for hackers.
Hackers want to sit between you and the websites you visit
in order to look at your information. They do this with little effort on public
Wi-Fi. Besides the lack of security, all sorts of different people might
share their sensitive information through public Wi-Fi.
In comparison, let’s say a hacker eavesdropped on someone’s
residential Wi-Fi. The hacker would only see sensitive information from one or
two people before they needed to hack another house.
The Man In the Middle
Most hackers strike with a man in the middle (MITM) attack.
Simply put, they watch or tweak your data in transit.
In a MITM attack, the hacker sees
the information going to and from your computer. They intercept, and alter, the
communication between you and the website. (Think that sounds scary? Just wait
till your appliances connect to the internet.)
The Evil Twin
The “evil twin” is a variation of
MITM attacks. With this attack, hackers set up rogue Wi-Fi hotspots. You might connect to a harmless looking
hotspot, like one entitled, “Free Public Wi-Fi”. You figure that maybe someone
was being generous.
Little do you know, you might have fallen right into a
hacker’s trap. Once you’re connected, hackers can see any data you send and
collect through this internet connection.
Devious hackers can set up a legitimate-looking Wi-Fi
connection. For example, hackers can broadcast a network name that’s the name
of a coffee shop or library. Unsuspecting victims will connect to the evil
twin. Unfortunately, their computer still looks connected to the legitimate hub
instead.
Some hacker techniques are advanced enough to lure your
computer into automatically connecting to their Wi-Fi connection. They do this
by broadcasting fake certificates and credentials that match routers you’ve
connected to in the past.
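One defensive check for the evil-twin and auto-connect scenarios above, as an added example that is not part of the original article: compare the access points in a scan with what the device remembers about networks it has joined, and flag a remembered name that reappears with different security or on an unknown BSSID. The network names, BSSIDs, field names and saved profile are constructed for illustration.

```python
# Constructed sample data: what the device remembers about a network it has
# joined before, and the access points visible in one scan.
SAVED = {
    "CoffeeShop_WiFi": {"security": "WPA2", "bssids": {"a4:2b:b0:11:22:33"}},
}
SCAN = [
    {"ssid": "CoffeeShop_WiFi", "bssid": "a4:2b:b0:11:22:33", "security": "WPA2"},
    {"ssid": "CoffeeShop_WiFi", "bssid": "a4:2b:b0:11:22:34", "security": "WPA2"},
    {"ssid": "CoffeeShop_WiFi", "bssid": "02:00:5e:aa:bb:cc", "security": "OPEN"},
    {"ssid": "Free Public Wi-Fi", "bssid": "02:00:5e:aa:bb:cd", "security": "OPEN"},
]


def flag_lookalikes(scan, saved):
    """Return (bssid, severity, reason) for APs reusing a saved network name."""
    alerts = []
    for ap in scan:
        profile = saved.get(ap["ssid"])
        if profile is None:
            continue  # never joined before: nothing to compare against
        if ap["security"] != profile["security"]:
            # Same name, different protection: the device should not auto-join.
            alerts.append((ap["bssid"], "high",
                           f"{ap['ssid']} was {profile['security']}, now {ap['security']}"))
        elif ap["bssid"].lower() not in profile["bssids"]:
            # Large venues run several APs, so a new BSSID alone is only a hint.
            alerts.append((ap["bssid"], "low",
                           f"{ap['ssid']} seen on a new BSSID"))
    return alerts


if __name__ == "__main__":
    for bssid, severity, reason in flag_lookalikes(SCAN, SAVED):
        print(f"[{severity}] {bssid}: {reason}")
```

A network the device has never joined, such as the open “Free Public Wi-Fi” entry, produces no alert here because there is no saved profile to compare it with.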
The Packet Sniffer
MITM and evil twins aren’t the only strategies for hackers.
They use software called packet sniffers to collect victims’ data. A packet
sniffer captures all packets of data that pass through a network interface
(e.g., the network interface card in your computer).
Network or system administrators can use packet sniffing to
monitor and troubleshoot network traffic. Unfortunately, when hackers use
packet sniffing, they eavesdrop on network traffic. They listen in on the
information you send through the public Wi-Fi connection and use it for their
own interests.
It’s actually pretty easy for hackers to pull off these
attacks. Here’s how you can protect yourself from hackers snooping on your
sensitive information:
What you can do
Some public Wi-Fi connections (like Starbucks) force you to
log in after you’ve connected. That means it’s safe, right?
Actually, these authentication screens have nothing to do
with security. Rather, it’s about the provider trying to identify you (and
potentially charge you in cases with paid Wi-Fi). Here are some tactics to
defend yourself from hackers’ attacks.
Two-Factor Authentication for
Passwords
TechRepublic suggests combining two-factor authentication
and VPNs to keep sensitive business information secure. This layer of defense
is also useful with your personal information. VPNs make it difficult for
hackers to read your password.
Play safe with another layer of defence. Turn on two-factor
authentication for all your web services (e.g., email, social networks, etc.).
This simply means that when you try to log in to a website, the website will
text message your phone with a code that you’ll enter into the site in addition
to your password.
Even if a hacker has your password, they won’t have your
phone — which makes it much more difficult for them to log in to your account.
Constant Vigilance
It might seem obvious to some, but you have to err on the
side of caution when browsing the internet. Never let your curiosity get the
best of you. In your browser, block cookies and remove tracking. Avoid unsafe
or untrusted software (especially if it’s free or sounds too good to be true),
and avoid dodgy links in your inbox, or on your social media feeds.
Tether Your Internet Connection
If you have a remarkable data plan, you can tether off your
mobile device or phone. Since this is a private connection, it’ll be much more
difficult, and less rewarding, for a hacker to break into.
Of course, this can be a bit pricey depending on where you
live. It might also tax your phone’s battery, so use with your own power
supply.
Encrypt Yourself
When you’re using public Wi-Fi, your computer or mobile
phone sends data to the router as radio waves.
You can defend yourself by encrypting your radio waves.
Encrypting your data makes it almost impossible for peering eyes to see your
data.
Sites that use HTTPS technology
encrypt your connection. Websites like Facebook, PayPal, and Google secure your
connection with HTTPS (not HTTP). A man in the middle attack occurs
significantly less often in these instances. (Here’s an in-depth technical explanation on Stack Exchange.)
Many websites still use HTTP, which makes it likelier for a
MITM attack to take place. Let’s say that, hypothetically,
https://www.facebook.com doesn’t connect through HTTPS. A hacker might redirect
a victim to the hacker’s page, disguised to look like Facebook. They’ll collect
sensitive information in this MITM attack.
As an aside, I know that might sound
like fear mongering, but someone duped the public and faked a Bloomberg report, and Twitter spiked share prices. If they’re
capable of that, a hacker can definitely make
a page that looks like Facebook.
Something similar to this actually
happened with Facebook in 2010 (back when parts of the site still
used HTTP). Developer Eric Butler discovered he could log in as other people
that were sharing a Wi-Fi connection with him. He even created a Firefox
extension called Firesheep to
show people how they could do the same.
On a desktop or laptop computer, and
in Chrome on Android and Safari for iOS devices, you can verify a site is HTTPS
secured with the green badge next to the URL. It’s more difficult to tell which
apps are also encrypted (there was a scare just
two years ago), although Apple is pushing developers to use HTTPS by default.
Just last year, a paper to be published in Proceedings of the 23rd USENIX Security
Symposium showed that the Gmail app could be hacked
92 percent of the time, a Chase app 83 percent of the time, and the
Amazon app 48 percent of the time. (The study examined Android apps.)
Because this connection happens inside the app, it’s hard to
tell whether it’s secure. Even if an app uses HTTPS, there’s no guarantee that
it’s done properly. For example, apps could be set to accept any certificate,
and thus be susceptible to MITM attacks.
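The “accept any certificate” mistake described above, shown next to the verified form, as an added example that is not from the original article or from any app it names. It uses Python’s standard ssl module; the function names are illustrative, and audit() only inspects the client configuration, so it runs without a network connection.

```python
import socket
import ssl


def accept_any_context():
    """The flaw described above: every certificate is accepted."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # has to be switched off first
    ctx.verify_mode = ssl.CERT_NONE  # the chain is never validated
    return ctx


def chain_only_context():
    """Subtler flaw: the chain is validated, but for any hostname."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    return ctx


def verified_context():
    """Hardened form: a trusted chain and a matching hostname are required."""
    return ssl.create_default_context()


def audit(ctx):
    """Return the reasons a context would let a MITM certificate through."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate chain is not verified")
    if not ctx.check_hostname:
        findings.append("hostname is not matched against the certificate")
    return findings


def open_tls(host, port, ctx):
    """Connect only with a context that passes the audit."""
    problems = audit(ctx)
    if problems:
        raise ValueError("refusing to connect: " + "; ".join(problems))
    sock = socket.create_connection((host, port), timeout=10)
    return ctx.wrap_socket(sock, server_hostname=host)


if __name__ == "__main__":
    for make in (accept_any_context, chain_only_context, verified_context):
        print(make.__name__, audit(make()) or "ok")
```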
Unfortunately, many websites and services don’t use HTTPS
technology yet. Here’s how you can encrypt your connection for all these other
sites.
Encrypt Your Connection with A
VPN
Virtual Private Network (VPN) services act as a middleman
between your computer and the rest of the Internet. In the process of
connecting, VPNs encrypt your data. If you connect to public Wi-Fi and suffer a
MITM attack, hackers would have to spend time and energy decoding your data
because of the VPN’s encryption.
VPNs are resilient against packet sniffing as well. VPNs encrypt
your packets so that a hacker can’t read them. With a VPN, your computer sends
packets to the VPN’s server before moving towards the destination. The VPN
encrypts each packet, so no hacker can read them between the VPN server and the
website you’re visiting.
If your computer is already compromised, a VPN won’t protect
you from hackers. For example, if there’s already spyware on your computer,
hackers can read the data before a VPN has a chance to encrypt it. You can
protect yourself from this with antivirus and firewall software.
Public Wi-Fi is a Cesspool
Today, it’s almost impossible not to use public Wi-Fi.
Go in knowing the potential consequences. Don’t buy stuff
with your credit card on public Wi-Fi. Share less sensitive information on
public Wi-Fi. Make sure you’re protected with antivirus and encryption. Use
two-factor authentication and HTTPS sites when possible.
You might know how unsettling it can be for a stranger to
have your information. These precautions seem excessive, but you won’t be
laughing when someone has access to your life’s most sensitive information on
their computer.
Sunday, September 6, 2015
Tabula Rosa Blog For 9/6/15 - How to stop hackers from stealing your information on public Wi-Fi