Blog

Updating your main database: your brain

December 10 2018

What makes public Wi-Fi vulnerable to attack

Business people are using Public WIFI at un-precedented levels for collaborating with co-workers, outside suppliers and customers. And, there are many good reasons for Public WIFI: it’s convenient, widely available and free. A recent study showed that 78 per cent of people around the world actively look for Public WIFI sources and of those 72 per cent have complete confidence in connecting without any regard to security.

But, Public WIFI is wrought with security risks and business executive should look for a virtual private network (VPN) that can act as a private gateway to ensure security. Pressure from work also drives people to connect to the first available Public WIFI. A Kaspersky Lab survey found that people are more likely to be robbed of their data than their money when travelling abroad as three in 10 senior business managers have been hit by cybercrime while abroad. According to the Kaspersky research report, cyber criminals target people while abroad as 82 per cent connect to free Public WIFI at airports, hotels, cafes and restaurants that are for the most part unsecured.

If you plan on taking chances with your data and are willing to connect to Public WIFI lookout for these top five hacks.

Man-in-the-middle

Man-in-the-middle is the most prominent hacking attack on Public WIFI today.

How does it work: Hackers intercept the data packets as they travel from victim to the Public WIFI network? The most common tactic used by the hacker is eaves dropping as the attacker can view your messages.

Recently a European-based gang of cyber criminals where caught by Europol for a Man-in-the-Middle attack that targeted mid-size to large companies in Italy, Spain, Poland, the U.K. and Belgium.

The hackers used social engineering tactics to plant malware onto their networks and fooled these organizations to the tune of $6.8 million.

WiFiPhisher or Evil Twin

In the Evil Twin scenario there is a wireless access point that looks legitimate. But, it’s rogue. The hacker has tricked you and is now intercepting your valuable data. One of the more common spots for WIFIPHISHER or Evil Twin is the free airport hotspot.

How does it work: You are at a Starbucks coffee shop and you see a WIFI network named Starbucks on your smartphone? It automatically connects because you have been at this Starbucks several times and your device recognize it. This hack is quite dangerous because it does not need the individual to connect to the free WIFI network.

These types of attacks are usually targeted at someone; imagine your competitor looking to steal data on a new project. WIFIFISHER or Evil Twin is used commonly by the intelligence community to extract secrets from governments and business.

One of the more famous incidents of an Evil Twin attack occurred during the 2016 Republican National Convention where 1,200 attendees connected to the phone, I VOTE TRUMP WIFI network that sat outside the convention centre.

AirCrack-NG

A widely used wireless hack, AirCrack-NG is an old but still workable method that compromises the network with a set of tools to extract passwords, which are then used to get into your network to steal data. AirCrack-NG is not just one tool but a suite of tools that can also decrypt passwords and record all packets. And, the NG stands for new generation.

How it works: AirCrack-NG works on just about any access point with a wordlist. Think about it as an unlimited supply of master keys being used to unlock a door. It may be slow but eventually you will get in.

Passive Sniffing

Passive sniffing is an above-board tool created to help monitor traffic in an effort to look at maintenance issues and resolve them. Today, this tool is being used by hackers to steal data.

How it works: the sniffer tool finds data packets usually on a Local Area Network or LAN. Any data transmitted on this network can be captured and viewed by the hacker. The term passive means that the hacker sits and waits for data to be sent and from there it is stolen.

One of the more common ways of passive sniffing is when a hacker goes into the lobby of an office, pulls out his notebook, and connects to the network. Then leaves with company data undetected.

Cowpathy

If AirCrack-NG is slow, Cowpathy is fast. This hack is an advanced version of AirCrack as it speeds up the capture of WPA2 passwords. It can also compliment AirCrack-NG especially if the hacker is looking to break into a specific network like WPN or WPA2. Cowpathy only works on these types of networks.

How it works: Think of a dictionary of passwords coupled with a boot force attack utilizing all these different passwords. Cowpathy is a common hack to crack into WIFI.

A wireless intrusion detection and prevention system can be an essential tool for identifying intrusions and notifying the system administrator of attacks. There is no option to stop them on the network with the traditional firewall. Contact us to find out more at goo.gl/7qTtjt

 

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read more