WiFi Security Threats

According to the Norton Wi-Fi Risk Report released in June 2017, 73% of the Americans did not feel the need to secure their devices. While on public Wi-Fi:

  • 22% admit to viewing adult content on free networks.
  • 12% cracked the password to access the wifi.
  • 35% connected to the network without the wifi owner’s permission.

Public wifi networks are unsafe and leave your personal data vulnerable. You can start protecting your privacy by getting a PureVPN.

Are WiFi Networks Safe?

Well, it depends on the WiFi network. While there are ways of making your home WiFi network secure, most public networks still use outdated WiFi security protocols. Besides, there are some forms of attack that almost all WiFi networks are vulnerable to. This matters because most of us use public WiFi networks from time to time, and some of us use the same unsecured networks daily. If you are using public WiFi on your commute to work, for instance, it can be easy to forget just how insecure this type of network is, and get lazy about information security.

Major WiFi Security Threats

In practice, most serious attacks make use of a limited number of Wi-Fi vulnerabilities. Let’s take a look at each:

Man In The Middle Attacks

Man-in-the-middle attacks are a form of attack in which an attacker “listens in” to the communication between two parties, but allows them to believe that they are directly communicating with each other. MITM helps attackers access the sensitive information transmitted between the parties, and even manipulate the communication to elicit confidential data.

Learn More About: MITM Attacks

Packet Sniffing

Packet Sniffing is an attack method that makes use of legitimate network management tools, known as packet sniffers. Typically, attackers will use these tools to spy on data being exchanged between two machines on a network, and if this data is unencrypted may be able to steal passwords or authentication tokens.

Learn More About: Sniffer Attacks

Evil Twin Attacks

Evil Twin Attacks operate in a similar way to man-in-the-middle attacks, but in this method, an attacker will use their machine to imitate legitimate websites and systems and prompt the victim to enter confidential information. An attacker can then collect this data for later use.

Learn More About: Evil Twins

DNS Spoofing

DNS Spoofing makes use of the Domain Name Server (DNS) system that allows your devices to find websites. Though we humans navigate the internet using URLs, your router sees things differently: whenever you enter a website address, your router will look up the IP address of this site in a DNS table.

This means that if an attacker can gain access to DNS tables, they can redirect your devices to spoof websites. If you enter any information into these, an attacker will be able to collect it.

This means that if an attacker can gain access to DNS tables, they can redirect your devices to spoof websites. If you enter any information into these, an attacker will be able to collect it.

Learn More About: Spoofing Attacks.

Wi-Fi Pineapple

A Wi-Fi Pineapple might sound amusing, but these small devices are anything but. Invented back in 2008 by Hak5, a company that makes equipment for penetration testers, these devices operate in much the same way as standard Wi-Fi routers. The chief difference is that they have much longer ranges, and come optimized to deploy sophisticated attacks.

Learn More About: Wi-Fi Pineapple

Session Hijacking

Session Hijacking is another common form of attack in which an attacker will steal the ‘magic cookie’ that your devices use to authenticate themselves in a range of online systems. Using this, an attacker can imitate you, and use this access to steal personal information.

Learn More About: Session Hijacking Attack

Rogue Network

A rogue network is a network designed to attract unknowing users to connect to it in plain sight, usually under the premise that this network can give them access to the internet free. Once the users connect, then the attackers have direct access to the device and any information they can get from it.

All WiFi Networks Are Vulnerable

Public WiFi networks are the worst offenders when it comes to using poor security protocols, but in truth, all Wi-Fi networks are vulnerable to hackers. Because all Wi-Fi networks essentially work in the same way, there are many ‘universal’ vulnerabilities that all networks are susceptible to.

Krack Vulnerability

The KRACK vulnerability, for instance, targets one of the key security features of all Wi-Fi networks: the four-way authentication protocol that routers use to establish a connection with a device. Because the vulnerability exploits a feature that is common across all Wi-Fi networks, it affects a vast variety of machines.

Rogue Access Points

Another common attack method is simply to set up a router and a Wi-Fi network that looks the same as a legitimate one and hope that careless users log in to the ‘fake’ network. These ‘fake’ routers are known in the trade as “Rogue Access Points.” If a user makes the mistake of connecting to one, an attacker can run vulnerability scanning software to identify further attack vectors.

UPnP Exploit

Another example of a universal vulnerability exploits the Universal Plug and Play (UPnP) system that allows devices to discover each other automatically. Many attacks using security holes in this system have been spotted in the wild, and in November 2018 researchers found that there were still 3.5 million devices that expose their UPnP endpoint to the internet, and 277,000 of them are vulnerable to such attacks.

Weak Security Protocols

Sometimes poor Wi-Fi security can simply be the consequence of using weak security protocols. As Wi-Fi technologies have advanced, new and more secure protocols have been released, but not all networks have been upgraded to make use of them. This is especially true for public networks, many of which still use the 20-year-old WEP protocol, rather than the more secure WPA or (even better) WAP2 protocols.

How To Secure Your Devices On

public wifi networks

Public Wi-Fi Networks

Securing Public Wi-Fi Networks is generally a little more tricky because they are owned and administered by someone else! The best option is therefore to only use public networks for browsing, and never, ever to login to your social media accounts or online banking system.

home wifi

Home Wi-Fi

Securing your Home Network is easy enough. Make sure you are using the most recent security protocol you can (probably WPA2), and encrypt everything you do online with a VPN, and you will instantly reduce your vulnerability to attack.

internet hotspot

Internet Hotspot

Using a hotspot is a good way to limit your vulnerability because these are typically more secure than public Wi-Fi networks. That said, you should still use a VPN to encrypt all the information you send, just in case someone is listening in.