Wi-Fi Eavesdropping, a variety of MitM attack
The Man-in-the-Middle attacks They are very varied, although in all of them there is something in common: an intruder who intervenes between communications. A clear example is when we send information over the Internet and there is an attacker who can read that message, listen to that audio or see what searches we have carried out.
A Wi-Fi Eavesdropping attack is basically that. With this term we refer to the eavesdropping that a cybercriminal can perform when the victim connects via Wi-Fi to a network. This could affect us in many different ways.
We can take as an example the technique known as twin networks. An attacker can create a Wi-Fi with the name of a store, a company or even a place that are legitimate. For example, a restaurant could create a network with the same name and make the victim believe that they are dealing with a legitimate connection.
They can take advantage of this to collect everything we send or receive over the network. Could read messages, steal passwords… They could even use that bogus network to bypass the navigation and make the victim enter sites controlled by the attackers and make a payment and steal the credentials.
Therefore, Wi-Fi Eavesdropping is a very important problem that we could face when connecting to public networks. We must know where they are most present and of course what to do to be protected.
Where is it common to find this attack on wireless networks
In summary we can say that this type of false, fraudulent Wi-Fi networks and created solely for the purpose of carrying out attacks, we will find them in busy areas, where users will have the need to connect.
We can name, for example, public places as libraries, parks, universities… They are spaces where it is more than likely that there are Wi-Fi networks available for free to users. If an attacker goes to a library and creates a Wi-Fi network with the name Wi-Fi_Library, the victim might not suspect that it is really a scam.
Therefore, they play with these options to create fake Wi-Fi networks without raising suspicions. In addition, in these types of places they have more options that there are users who end up connecting and thus being able to achieve their goal.
Stations and airports
In this we find ourselves before busy places, by people in addition to many places. An airport, for example, is a perfect space to create a fake Wi-Fi network and steal information. A Wi-Fi Eavesdropping attack can be successful since it is more than likely that there are offline users on the mobile (foreign tourists) or people who are going to spend many hours and want to work with their computer.
These networks take advantage of these types of sites with a lot of traffic of people and where users may also need to connect to the network. Especially it can happen that there are people who spend hours and even take the opportunity to buy a ticket or anything.
Similar to the above are the malls. They are spaces where there can be many people in the same space of time. Wi-Fi networks are usually available, but sometimes they do not cover the entire surface or the signal is weak. This causes users to try other networks that they find without encryption.
That is the opportunity for cybercriminals. The more problems users have, the more options there are that they end up connecting to that fake network that they have maliciously created to steal data.
On the other hand, Work spaces they are also a good place for them to deploy rogue networks and carry out what is known as Wi-Fi Eavesdropping. We especially talk about places where there are workers from different sections and companies. They may need a connection at one point and the network does not reach well and they look for a separate Wi-Fi.
How to Avoid Wi-Fi Eavesdropping Attacks
We have explained what this type of attack on wireless networks consists of and where it is most common to occur. Now we are going to give some important tips. We are going to explain what we can do to reduce the risk.
Analyze well the network to which we connect
Without a doubt something fundamental is analyze the network very well to which we are going to connect. We must see that the name corresponds to the real network. Let’s say that we are in a bar and we are going to connect to its Wi-Fi. The normal thing is that they have a paper with the name of the network and password. Are we connecting to that network or to one they have created with a similar name?
Another very important issue to protect ourselves from Wi-Fi Eavesdropping and any other problem in public networks is to have a VPN. This will help us to encrypt the connection and not have privacy and security problems. We have at our disposal many programs for mobile devices and computers, both free and paid.
Avoid open Wi-Fi networks
We must also mention the importance of connecting only to networks that are encrypted. Must avoid open Wi-Fi networks, the ones that don’t have passwords. They could have been created to serve as bait or that cybercriminals have even entered to deploy their attacks. Therefore, the interesting thing is to always connect to networks that have good encryption.
Something also fundamental is to use protected equipment. We must have security programs that protect us, that prevent the entry of malware. In addition, it is essential that they are correctly updated to connect us with all the guarantees.
In short, Wi-Fi Eavesdropping is a major problem that we can suffer when connecting to a public Wi-Fi network. We must at all times maintain security and avoid risks that compromise our privacy. There are many attacks on the network and we must always be alert.