Editorial by Yoofi Kpodo

Network Attacks

Public free wifi can often be very convenient, but how safe is it? Firstly, I’ll explain the way in which data is transferred from one device to another. The wireless adapter (built in device to connect your device to the access point) broadcasts your files to the access point of a router, which then connects to the internet. If the WIFI requires no password however, then those files are not encrypted. Meaning as you upload your files to their destination, they are vulnerable for interception.

Now most wireless adapters are built only to send data from just your device to the one access point (Managed mode). However, you can buy an adapter for as little as £20, which can be put into monitor mode, allowing you to collect data packets which are being sent in the air. The data packet can then be analysed on a tool called ‘Wireshark’ to extract user information.

However, websites which have ‘HTTPS’ (and a lock icon next to it) are encrypted. While most aren’t encrypted end to end, they will encrypt the important sections. Such as the login section (so password protected) and the checkout section (credit card details protected). But unfortunately, sections in between are often not protected.

Honeypot attacks and prevention

A Honey pot trap is a term used when someone creates a WIFI access point, pretending to be genuine. For example, pretending to be the genuine WIFI point for a coffee shop. This is a place with a high number of people who are unlikely to know how dangerous free WIFI can be. Using a fake WAP, they can lure unsuspecting victims in and even perform Man in the middle attacks. This is the process by which information is intercepted by a third party before reaching the router. They can then go on to cause more damage by capturing valuable data.

Avoid open networks. By only connecting to trusted networks in which you have a password for, greatly reduces the chances of your data being intercepted. This is something most cybersecurity specialists would advise. Or if you must use WIFI, make sure the network is WPA-encrypted.

VPN – Using a (Virtual Private network) will add an addition layer of protection as data is being sent and received in the air. You’ll find many people who work from home, use VPN’s to connect to their company network from a remote location. This is because a VPN acts as a tunnel and protects data being transmitted within that tunnel, from being accessed by anyone else.