* Third-Party Data Gathering. Even without the presence of active data hackers, your privacy is never guaranteed when you access a public hotspot. Often the biggest breaches of privacy are performed by the very establishments offering free Wi-Fi. Sometimes Wi-Fi is used to identify potential customers who are located in the vicinity of the access point, and sometimes it's used to track the websites that a user visits for statistical or advertising purposes. Although not specifically malicious, this third-party data gathering can still be intrusive. Below are some common techniques that hotspot providers use to obtain information about Wi-Fi users.
* Malicious Access Points. Since there are often multiple networks to choose from, you often guess which hotspot belongs to a specific venue. Some Wi-Fi users will even connect to a completely unknown network simply because it is unlocked. Obviously this practice poses some serious risks, especially if the access point is malicious or being manipulated by an attacker.
One of the biggest threats is "page spoofing," where a malicious access point controls a domain name resolution (i.e., how a domain name is translated into its numerical IP address). In the normal DNS resolution process, a user's client will communicate with a server in order to connect to the Internet.
In a spoofing attack, a hacker creates a fake version of a website in order to steal credentials. For example, you may be asked to "like" something on Facebook before you can access the Internet and then be directed to a fake Facebook login page that looks like the real thing. As you log in, this fake page would record your credentials, show a login error, and then redirect you to the real Facebook page for a "second attempt" at logging in. Before you're even aware of what has happened, your social identity has been stolen.
Another tactic, commonly referred to as the "Evil Twin Attack," leverages a fake access point to hack your data. This tactic is most often attempted in public parks or other large, unmonitored areas. Using a laptop with a wireless card, the attacker will access a legitimate access point to create an "evil twin" access point with a similar name. Imagine for a moment that you are at your local park, and your iPad detects a free Wi-Fi hotspot named "CityPark1." Many of us would probably connect to the network based on its name alone. However, by not confirming the legitimacy of an access point before connecting to it, you enable attackers to gather an even wider range of personal information.
Strategies for securely using Public Wi-Fi
Even without an elaborate phishing scheme, it is impossible to completely secure a public hotspot. In fact, most venue access points will only display an end-user agreement (EULA) or advertisement before allowing users to connect to the Internet. While some venues do print out the PSK on a receipt so only patrons can use their Wi-Fi, it is still a shared key for all patrons. As such, data can be passively collected from radio waves and then decrypted at a later point.
Sign up for CIO Asia eNewsletters.