January 12th, 2016
Most people are aware that free public Wifi can be unsafe for anyone looking for secure online surfing. Personally, having to resort to connect to a public Wifi leaves me with a somewhat grimy feeling, akin to using a public washroom. (Or is it just me?) However, upon having a conversation with a few older relatives during recent travels, they seemed completely unaware that there was even such a possibility for hackers, and that private information could be compromised over public Wifi. Like many others, they were eager to jump onto any free hotel, airport or café Wifi without much second thought, especially when travelling abroad.
Londoners agreed to give up firstborn child for free Wifi
Even for individuals who are somewhat aware of the dangers of public Wifi hotspots, still find the lure of free Wifi hard to resist, especially with the extortionate roaming charges overseas from our telecommunication providers. So much so that one experiment from Cyber Security Research Institute showed exactly how prevalent public ignorance of security issues can be with regards to Wifi usage, and how quick people can be to click “I Agree” for the sake of free Wifi.
The social experiment saw Londoners unknowingly agreeing to sign away their first-born child in exchange for a free Wi-Fi connection. Before they were granted access to the free Wi-Fi, a list of terms and conditions they should agree to included the false clause, promising free WiFi, if ‘the recipient agreed to assign their first born child to us for the duration of eternity.’
The true dangers of public Wifi
Although the idea of anyone signing away their kids for free Wifi seems laughable and you probably may be thinking “That will never happen to me”, there is a certain degree of risk every time we decide to access public Wifi.
When CBS4’s David Sutta invited a group of hackers called HackMiami to demonstrate exactly how hackers are using free Wifi to steal information, it was clear how easy the whole process was. In fact, the cost of the process was considered ‘cheap’, required little education and literally took seconds.
Text of emails, content of text messages, email addresses of the sender and recipient, passwords, usernames, private photos even on SD cards; these are all fair game for anyone with the knowhow and at the stroke of a few keys.
How do they do it?
As explained by the folks at Norton, Wifi uses radio waves. The openness of these signals at public hotspots, combined with the right eavesdropping software, can allow the hackers to gain access to your information without your knowledge, very much like someone overhearing a private conversation in a crowded restaurant. Because your data is being sent through radio waves to a router, it can easily be intercepted by someone given the right tools and knowledge.
Two common ways it’s done
1) Software. Hacking software called “sniffer software” is a typical method of choice among hackers to intercept data as it is transmitted over a network. After using such software to intercept signals, hackers can see everything from any screen any of any of the users sharing the same public Wifi. Hackers would then be able to look at traffic traveling to and from a wireless router to extract important information.
2) Rogue Wifi hotspots. This method is considered so easy to be taken advantage of that in one hacking demo a 7-year-old kid was able to break into a public network in under 11 minutes after watching a couple of online tutorials. This popular method is often carried out in areas where large numbers of users are likely searching for a connection. Hackers would set up rogue Wifi hotspots with generic names or names to mimic the area they are operating in (for example, setting up a rogue hotspot named “Starbucks Free Wifi” in the vicinity of a Starbucks coffee shop.
Betsy Davies (age 7) watched an online tutorial before successfully managing to hack the public network within 11 minutes of setting up a rogue access point. (Source: ITV)
Tips when accessing public Wifi
– Check if the public Wifi network you are accessing is genuine by confirming the name of the network with a staff on-hand.
– Restrain from accessing sensitive information over the public Wifi. Performing banking or financial transactions should be a big No-No when one is doing it over unsecured free Wifi spots. Keep the visiting of such sites until you are back on a secure, private network.
– Turn on the Wifi only when you it. Even if you may not have actively connected to a network, the Wifi hardware in your device is still transmitting data between any networks within range. If you are only using your laptop to perform offline work such as writing a Word or Excel Document, it is advisable to keep your Wifi off.
– A Virtual Private Network (VPN) comes in handy for times like these. Even if a hacker manages to intercept your connection, under a VPN your data extracted will be strongly encrypted, making it a lengthy process for the hacker to decrypt.
– Upon leaving a public network, be sure to ask your device to ‘forget the network’. Do not just log off so that in the future your device will not automatically log onto the network whenever it is in range.
For further reading, check out this pretty scary article on how one hacker accessed a café’s public Wifi, and how in 20 minutes knew where everyone else was born, what schools they attended, and the last five things they Googled. You may never want to connect to free Wifi again!
 CBN News
 CBS Miami