Internet Security – Using Hotel Wifi
How safe are the Wifi connections that you use when away from home, who owns them, who runs them and how secure are they? Well chances are, like most of us, you’re likely to have virtually no idea about the answers to any of these questions. For sure, you might hazard that the owner is Starbucks or the hotel management, but that will probably be only a guess based on your location (many firms outsource their internet provision in any case).
The reality is that you have little or no information concerning any wifi connection you use, when away from your office or home. Most of us expect to see half a dozen available networks whenever we try and connect from a coffee shop or hotel room. Something like this, is fairly typical –
A selection of wifi access points, some secured, others completely open. There is only one common element, the fact that you have no idea who runs the majority of them. Of course if you’re at a hotel or airport, you can look for a name representative of that location. However anyone can name an access point whatever they like, there are no restrictions on what you can call any access point.
What most people do is click on the most obvious culprit, then name of the hotel or initials or something similar.
So What’s the Danger with Wifi?
Well the dangers are very real and growing all the time, due to the increasing number of attacks targeting public wifi access points. The attacks have a variety of names from ‘evil twin’ (referring to a duplicate access point) to session hijacking but they all share a common goal – to harvest people’s credentials in order to profit. They basically consist of setting up rogue access points, often free, to get unsuspecting users to connect to them.
The problem is that whenever you connect to an access point anywhere, you are entrusting your connection and details to the administrator of that connection. All your information will flow through that access point and it’s perfectly possible to intercept and log all those details without the user being aware. Tools which help perform MITM (man in the middle) attacks like responder, evilgrade and
sslsplit are easily available and fairly simple to use.
Imagine, that every piece of data that flows through your connection is logged and recorded. Perhaps you login to your webmail account, check that auction in ebay or perhaps set up a standing order in Paypal or using online banking. All these credentials are then compromised and become available to the bad guy. It doesn’t matter that they’re supposed to be protected by
SSL, because that data can be intercepted. Or the attackers can merely spoof
DNS entries to direct users to duplicate copies of the legitimate sites and steal login details directly.
Unfortunately it’s actually very difficult to tell whether you’re using a legitimate access point, often the rogue access point will even have the same web portal as the real site. Others simply advertise their connections as ‘free wifi’ or something equally as tempting.
If you are using unfamiliar wifi connections you should restrict your web usage to non-secure sites, do not login to webmail or banking sites. Anything where you need to authenticate should be avoided, if you must use these then use a
VPN like Identity Cloaker to protect your data while using it.
What is a Man in the Middle Attack?
A Man in the Middle (MitM) attack is a type of cybersecurity attack where a malicious actor inserts themselves into a conversation between two parties, impersonates both parties and gains access to information that the two parties were trying to send to each other. The attacker relays and possibly alters the communication in order to trick the parties into thinking they are still communicating with each other over a private connection, when in fact the entire conversation is controlled by the attacker.
