CIO Magazine published an article yesterday that identifies seven of the most effective and favorite attacks of cyber attackers. Some of these are quite simple and therefore easy to perpetrate on unsuspecting users. Others require a great deal more sophistication and stealth to accomplish. All pose serious threats to you and me if we’re not careful.
I want to talk about just one of these attacks in this post, the most common and potentially most damaging one. In perhaps the easiest and most common of the attacks, a cyber bad guy sets up a rogue wireless access point in a public location, like a cafe or an airport. He configures it with a name that makes it look legitimate. As an open Wi-Fi connection, the fake access point won’t attempt to encrypt the traffic. That is just like the Wi-Fi networks at most such establishments, so this lack of protection doesn’t strike users as strange or suspicious. The traffic the users generate pass through the rogue Wi-Fi router and can be captured by the perpetrator. This could be quite damaging to the user, as too many websites ask the user to enter his or her username and password without encrypting it. Once the malevolent actor captures it, he then has all he needs to be able to log in impersonating the real account holder. As people too often use the same password across multiple sites, this action may very likely give the attacker access to the victim’s other sites as well.
The easiest way to protect yourself against the rogue wireless access point attack is not to use the public Wi-Fi at an establishment directly but, rather, to establish a VPN connection first and send all data through it. VPN stands for “virtual private network”. It is essentially a protected pipe that can’t be penetrated along the way but that delivers data securely from its source to its intended destination. There are several commercial and free VPN tools users can install on their machines. There are many high-quality free VPN services, and, of course, there are a number of commercial VPN products you could install. When you find yourself at a place that has free public Wi-Fi, instead of connecting directly to the signal, you would instead launch the VPN client tool, which sets up the protected pipe. Once established, you can then surf the web normally, and all your traffic will be sent down the VPN connection instead of over the open Wi-Fi signal. That way, even if a rogue access point is intercepting all of your traffic, what it captures will all be encrypted, since it traveled through the VPN, and so the attacker won’t be able to make sense of it.
Using a VPN is an easy way for you and me to protect ourselves online, even when we’re surfing the net over an open Wi-Fi connection. Of course, we won’t be completely safe: VPNs won’t save us from dropping latte on our laps, after all. But at least our data will lie outside the grasp of unfriendly snooping hackers. In this age in which privacy is such a scarcity, the value of that perk should be obvious.