Hidden dangers of free public WiFi

Hidden dangers of free public WiFi

Summary: Commentary--On the surface there appears to be nothing wrong with free WiFi but Authentium's Corey O'Donnell warns of perils hiding around the corner.

SHARE:
Commentary--We all love the convenience of WiFi to stay connected anywhere our laptops take us. In fact, you may be reading this article on your wireless-enabled laptop now. But just as the availability of WiFi services proliferate, so does the number of hackers ready to take advantage of unsuspecting road warriors. Now, in addition to long check-in and security lines, the uninformed have one more thing to be anxious about at the airport--identity thieves.

Research shows that free wireless public networks located in airports and other public places are ripe for exploitation by hackers. Launch a freely available network stumbler and you will quickly see far more advertised WiFi spots than are sanctioned by the airport and its tenants-these are typically consumers' computers attempting to connect. The ability to set up fake "free" WiFi hotspots in public places and potentially use them to steal sensitive data, such as online banking passwords or personal information, is alarmingly easy to do. In fact, hacker Web sites provide instructions on how such frauds can be accomplished.

What most users do not know is that systems like Windows XP automatically prompt the user to accept or decline connections to available wireless networks. Naturally, most users will choose to connect to the 'Free WiFi' access point, which may unknowingly connect them to a hacker's computer--a computer-to-computer connection--rather than a direct connection to the airport's official wireless access hub. To make matters worse, the SSID's (network names) of wireless networks you've joined before are saved on your system. Your PC will automatically log on to any network with that saved name. So if a hacker offers a name familiar to you, he's just created a clear path to fraud.

Users who connect to these "free" networks are at great risk of experiencing a "channeling" attack. "Channeling" is a common practice used by hackers and identity thieves to conduct man-in-the-middle attacks, with the objective of stealing user names, passwords, and other sensitive data transmitted by the user. The practice is disturbingly simple to carry out: By setting up an unauthorized access point in an airport lounge, hackers can easily trap passwords and other information without the user's knowledge.

With a large number of Windows XP devices configured to connect automatically to ad-hoc networks, it is possible that a purpose-built 'WiFi worm' could be used by criminals to infect laptops as they pass through highly-trafficked WiFi hotspots, such as airports. This trend will undoubtedly raise concerns among security administrators, as it is highly likely, given the large percentage of non-updated computers, that these road warriors will bring these infections back to the office with them, or infect other wireless users in their travels.

What can you do? Here are some basic tips for protecting yourself in public WiFi environments:

• Before connecting to a network, look around and locate a sign that advertises the network you are connecting to and verify that the network name (SSID) you are connecting to is a legitimate service.
• Shut off your wireless card if you're not planning to connect to the Web or another machine. It will protect you from intrusion and save your battery life.
• Beware of the information you share in public locations. Even seemingly innocuous logins to Web-mail accounts could give hackers access to get into your more important data, since most people utilize the same password with a few variants for almost all online activities.
• Utilize a VPN whenever possible to encrypt your data, and stronger tools if you need to conduct secure transactions.
• Turn off shared folders. If you join a malicious network, a hacker could easily load a malicious spyware agent to follow you even after you leave the public location.
• Run a comprehensive security suite and keep it up to date to prevent spyware and viruses.

If you're a Windows user:

• In the Advanced settings of Wireless Network Connection properties ("Advanced" button on "Wireless Networks" tab), choose "Access Point (infrastructure) networks only". The default is "Any available network" and this is not safe.

• Turn off "Automatic Connection" to preferred networks in the Wireless Network Connection properties so your network reads "On Demand". This will prevent your computer connecting to unsafe networks that have the same name as your home or office network.

If you're a Mac user:

• In Network Preferences, choose By Default, join "Preferred Networks" and edit your preferred network SSID's to include only trusted sources.

• Click "Options," and ensure "Ask before joining an open network" is selected. Check the "Require Administrator Password to change networks" box, and deselect the option to automatically add new networks to the preferred list.

By setting up open access points, criminals get you to step willingly onto their turf, putting your sensitive data and everyone you connect to at risk. But if we continue to play it safe and smart, we can stay one step ahead of them and enjoy all the comforts of a secure WiFi world.

biography
Corey O'Donnell is vice president of Marketing at Authentium, the leading developer of security software-as-a-service technologies. For more information visit Authentium.

Topics: Wi-Fi, Laptops, Networking, Security, Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

4 comments
Log in or register to join the discussion
  • Stop that securitism

    Oh, I am so sick of this security paranoia. I am beginning to be more sympathetic to thieves and hackers than to those who want to live a life in a cage, who restrict civil liberties, who want to install ever more prolific security measures. Certain is only your death, get over it, please.
    jense7
    • RE: Hidden dangers of free public WiFi

      @jense7 You just be trollin, Security is most definitely something that is important. While it may not be important to YOU it is important to others. Maybe some day it will be important to you when you're a victim of some sort of exploitation.
      feelthefunk
  • RE: Hidden dangers of free public WiFi

    (Bit old i know, sorry)

    Good article, more and more users need to understand the dangers behind using any free service especially one that you dont have any control over like a wifi. With some simple, easily avaiable tools - anyone can "watch" the entire network and steal the data going through, which could be your facebook, twitter or banking details.

    There is another option instead of VPN - as these can be slow if the server is far away or your connection is not a strong one. You could use a SSH or SSL software to encrypt your data - ive found one company that offers both and I use the SSH (they call it Net Gaurd - not sure if im allowed to post the URL? http://www.securewebpoint.com/products/netguard/)
    ant.20069
  • Using Encryption on Social Media and Email

    Great article! With the recent hackings and password losses, it's becoming more and more of an important issue. As this is an older article, I'd like to add a tip!
    Manually selecting to use https (encrypting using SSL and TSL) instead of http on Social Media sites and E-mail (such as Facebook, Twitter, LinkedIn, Yahoo) can really help when using public Wi-Fi. Here's a good guide on how to do so:
    http://www.cyberstreams.com/posts/2012/august/how-to-make-e-mail,-web-browsing,-facebook,-twitter,-and-linkedin-more-secure
    Solomon Waldbaum