Mobile Banking Malware Rose 58% in Q1 https://t.co/fPDu6aTmnE
Many people are not aware of this, but Wi-Fi hotspots at Starbucks, Barnes & Noble or your local hotel that offers it as a complimentary service are not safe for confidential browsing, performing financial transactions or for viewing your emails.
Public Wi-Fi does not offer encryption for individuals using the same password and hotspot. Also, your signals are broadcast across the immediate area. It is easy for someone else within your vicinity to eavesdrop on your communication. An unskilled hacker can intercept your signal using a phony hotspot or a tampering software that can be found on a search engine.
The first task of a hacker is to get on the same network as the potential victim, then they can carry out that task with a public Wi-Fi network because they have the password. It does not matter if a network password is given out by the cashier or printed in your hotel room's welcome packet, once public, your security is compromised.
Many public Wi-Fi connections use Wi-Fi Protected Access 2 (WPA2), a secure protocol for encrypting traffic between the wireless AP and the client. Many people think having this encryption secures their traffic, but they do not realize anyone who has the password can still snoop on the packets that traverse over the network.
Attackers can obtain a lot of information when eavesdropping on your Wi-Fi network connection. They can capture your passwords and content for sites that you sign into that do not require Secure Sockets Layer (SSL) encryption. Also, they can easily capture your email and file transfers that do not have any encryption applied. An attacker can also capture voice communication across Wi-Fi and replay it.
Software used to eavesdrop can be easily obtained on the internet and does not require a lot of technical skills to operate. This helps contribute to public Wi-Fi hotspots being more popular attack targets than some personal or private networks.
4 actions to secure your data on a public Wi-Fi
1. The best way to secure your traffic while using public Wi-Fi is to use a virtual private network (VPN). When connected, all your internet traffic is sent from your computer through an encrypted tunnel to the provider’s endpoint. The traffic is secure from any local eavesdroppers on the public Wi-Fi network. These public VPN services typically cost only $5-$20 per month. There is even software available on mobile phones that will enable a VPN to start automatically when connecting to a public Wi-Fi hotspot. The primary complaint when using a VPN is it can slow down your connection speed by 25 to 50 percent.
2. If you do not have a VPN configured, make sure that each time you connect to a website over a public Wi-Fi your session is encrypted. In your URL field, you should see HTTPS and not HTTP. You also want to make sure the entire session remains encrypted while you are browsing. There are some sites that will encrypt your login and then later during the session will send you to an HTTP connection, which will make you vulnerable to a hijacking attack. There are some sites that will give you an option to encrypt your entire session. It is best to encrypt the entire session.
3. Never perform a file transfer protocol (FTP) transaction over a public Wi-Fi. Also avoid using any other protocols that transfer data in an unsecured manner unless you have a VPN established. You can consider using secure FTP, which would encrypt your session. Also, for email client programs, you need to verify that SSL is being used for IMAP, POP3 and SMTP server connections.
4. A very common attack involves a hacker setting up a public Wi-Fi hotspot of their own near the site of the public Wi-Fi. It will likely have a similar name to the legitimate one the business uses. The problem is that all your browsing activity is being routed through the attacker’s network, which would enable them to monitor the traffic. To avoid this, always verify the exact name of the hotspot’s SSID from the business hosting it. Also, make sure you do not see two access points with the same name.
Wi-Fi eavesdropping is growing as an attack vector because more public Wi-Fi hotspots are being installed. Many cities, such as San Francisco and New York, offer free Wi-Fi at various public locations, and more people are taking advantage of it.
The problem is it is very easy for novice hackers to obtains personal information from these public hotspots. Users should consider using a VPN when connecting to a public Wi-Fi hotspot because the benefits of this protection far outweigh the cost of being compromised.
Picture credit: Thinkstock
Written by Mark Dargin. An experienced network and security engineer/architect who presently works for GE Healthcare's Customer Technology & Cloud Services Team.
Microtechs 24/7/365 White label Technical Helpdesk
In today's world, a rock solid IT infrastructure is key to every successful business. At Microtechs we have the experience and resource to ensure your company has the support it needs 24 hours a day, 7 days a week, 365 days a year. We are able to provide an immediate response from our state of the art Technical Operations Centre which is based in the heart of Surrey.
With our rapidly expanding team, all specifically trained, working 24/7/365, we are able to provide excellent customer service and technical support. All of our services are available completely white labelled, ensuring a seamless extension to your company.
Through our services you are able to extend your hours to 24/7 or simply use us as an over flow assistant during office hours. This is all tailored to your business needs.
How does Outsourcing your helpdesk benefit your business?
1. It reduces your staffing costs. Why hire another member of staff, if you can outsource all of your calls for less? We are normally between 25-50% cheaper than an in-house option.
2. It expands your opening hours. We have a technical operations centre which is open 24/7/365.
3. It will improve your customer experience. Are you taking multiple calls from clients, but can’t get back to them as quick as you would like? Well now you have a team of 30 staff taking your support calls for you. Have an important meetings? No problem, your helpdesk has your back.
We work with over 60 IT & Telecoms Businesses who trust us to deal day to day with their clients.
Feel free to call our friendly solutions team, who will be happy to discuss further and help tailor a solution to you.
Call us now on 01483 407417