Many establishments successfully entice their customers with free yet public Wi-Fi hotspots without knowing the dangers it can potentially cause.
Unknowingly to most users’ connecting through these public Wi-Fi hotspots, they share the connection with anyone else using it in the nearby proximity; this means anyone can high-jack the connection and potentially corrupt it for the other users.
Hackers and other security criminals have been known to take advantage of this situation to manipulate and steal data from businesses and individuals working through these public Wi-Fi hotspots. The size of attacks can range from targeting specific users to national organisations. A large scale example of this happening occurred when the European Parliament was forced to shut down its public Wi-Fi network “following the detection of a man-in-the-middle attack that could snoop on communications from smartphones and tablets”.
Most of the attacks that occur through public Wi-Fi hotspots are done so using man-in-the-middle attacks. These attacks are “a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.”
The head of Europe’s Europol Cybercrime division Troels Oerting recently commented that free hotspots were increasingly used to steal private information from consumers in Europe and that there has been“an increase in the misuse of Wi-Fi in order to steal information, identity or passwords and money from the users who use public or insecure Wi-Fi connections.”
In order to prevent these attacks happening to you or your organisation, it’s best to hold off connecting to any public Wi-Fi hotspots unless you know it’s a reliable source and are able to check its authenticity. This is because criminals have been known to go one step further and create rogue Wi-Fi hotspots, appearing to be part of a reputable establishment. When someone connects to these corrupt networks, the data is transmitted to the hacker and data can be stolen, corrupted or manipulated.