Public WiFi Security

Free public WiFi is available in many locations across the country. Locations found; airports, hotels and cafes support free internet connection. Generally, for most people, being able to connect to the free internet while away from home is very beneficial. Using public WiFi poses more risks than most internet users realize, and many of these risks are linked to a "Man in the Middle" attack.

Man in the Middle (MitM) Attack

A man-in-the-middle (MiTM) attack occurs when a malicious person gains access to communication between two parties. There are many types of MiTM attacks, but the most common and most well-known is blocking the user's request for access to a website, and obtaining or stealing information by returning this request with a fake web page that looks like an image. This usual risk is likely to occur on almost any website, from online banking to file sharing and email providers.

If the hacker gains access to the username and password, they can also use them for other malicious activities. Therefore, Man in the Middle is a third party acting as a legitimate intermediary with access to data sent between two points. In general, MiTM attacks are done to allow users to enter their sensitive information on a fake website, but sometimes the target is simply to access a secret dialog.

WiFi Eavesdropping

WiFi eavesdropping is a type of MiTM attack. It is a type where anyone who connects to that network using a public WiFi can monitor what they are doing. Information that is accessed secretly can vary from personal data to internet usage trends or visited sites. Typically, this attack is carried out by creating a fake WiFi network with a seemingly legitimate name. The fake hotspot name is often created very much like the name of the nearby shop or company. This is also known as the Evil Twin method.

For example, when a customer enters a cafe, he will see that there are 3 different WiFi networks with similar names. These; store name, store name1 and store name2. At least one of these is likely to be a fake or decoy WiFi. This technique is used to collect data from the connecting device and ultimately capture login passwords, credentials, credit card information and other sensitive data. WiFi eavesdropping is only one of the risks to public networks, so avoiding these networks is always preferable. If you really need to use a public WiFi, you should check with employees to verify that the network to which we will connect is real and secure.

Package Sniffing

Hackers can use special computer programs to access data. These programs are also known as packet sniffers. It is often used by official IT professionals to record digital network traffic as it makes it easy to detect and analyze problems. These programs can also be used to track Internet usage patterns in certain private institutions. However, most packet analyzers are also used by cybercriminals to access sensitive information and for illegal activities. Even if nothing bad happens at first, victims later realize that they have been exposed to identity theft or that companies' confidential information has been leaked in some way, and there is nothing they can do about it.

Session Hacking and Cookie Theft

At its most basic, cookies are small packets of data that web browsers collect from websites to access certain browsing information. Data packets are usually saved locally (as text files) on the user's computer so that the site recognizes the user when they return to the site. Cookies facilitate communication on the visited site. For example, thanks to cookies, users can stay logged in to a web page without having to re-enter their information each time. Although the situation is similar in online shops, they can be used to record the products that users have previously placed in the basket or to track their browsing movements on the pages.

Since cookies are simple text files, they do not contain keyloggers or malware. Therefore, they cannot harm the computer. However, cookies can be dangerous in terms of privacy and are often used in MitM attacks. If hackers can access and steal cookies shared with the website, they can use this information against you. This is also called Cookie Theft.

In a successful session hacking, the attacker can replace the victim and communicate with websites on their behalf. This means that the attacker can easily access personal emails or other websites containing sensitive data using the victim's current session. Session Hijacking usually occurs on public WiFi hotspots because these connections are more susceptible to MitM attacks and are easier to trace.

How can you protect yourself against MitM attacks?

Make sure to turn off all settings that allow your device to automatically connect to available Wifi networks. Turn off file sharing and sign out of any accounts you don't use. Always try to prefer password protected WiFi networks. If you must use a public WiFi connection, try not to access or send sensitive information as much as possible. Take care to keep your operating system and antivirus program up to date. Try not to make financial transactions, including cryptocurrency transactions, when using public WiFi networks. Choosing websites that use the HTTPS protocol will benefit you in terms of security. But keep in mind that some hackers are capable of HTTPS scams. This method is also not completely safe.

Using a Virtual Private Network (VPN) is always recommended, especially if you need to access sensitive or business data. Try not to prefer fake WiFi networks. Do not rely on WiFi names just because they resemble the name of a shop or company. If in doubt, do not neglect to verify the authenticity of the network by consulting the employees. You can also increase your security one step further by asking if they have a secure network you can use. If you are not using it, make sure that WiFi and Bluetooth are turned off.