When was the last time you were connected to public wifi? At the restaurant, a bar, a library? Do you ever think about why there’s free wifi near you? Have you ever thought about what you have to lose when you access information on a public network? Well, let’s have a detailed look into what MITM is and how to make sure you’re protected while browsing on public wifi.
There are multiple brands like Mcdonald’s who have a different way of marketing to their users and one of the best ways to attract people is by giving them free wifi. Now up until here, everything is fine when the public network is nothing more than a marketing strategy. People are happily using the free service provided to them by the restaurant they are in and using it up to the full potential.
The main problem arises when there’s a guy sitting in the corner who’s not willing to let your information go anywhere but to him. He’s just there to grab all the information about the devices connected to the Wifi when the people are looking for ‘Free Wifi’. It’s nothing more than a trap in most of the restaurants to catch your personal and professional life information and use it later.
Why is it Dangerous?
There’s a simple explanation for this. The network is not free for you, it’s free for everyone. Since it’s free for everyone, the intruders or ‘Hackers’ have an easy way to get information out of your device. The owner of the cafe might not have given much thought to putting some security on the Wifi. But again this was just another marketing technique.
How Easy is it to get tapped on a Public Network?
To be honest, all you have to do is one mistake, and your total data could be compromised. And the biggest problem is, you won’t even realize you made the mistake. It’s like nothing happened but the intruder can still access everything and you won’t even know it.
The biggest mistake you can do is connecting to a fake Wifi. Since there have been attacks on users from the free Wifi of restaurants, owners have increased the security of their network. But now the Hackers can create their own network which can duplicate the original network’s name. All you have to do is connect to the fake network and you’re tapped. Yes! That’s how easy it is. A public network can be one of the unsafe zones online.
Do we know if we’re tapped?
The sole purpose of the method hackers do this, is to make sure you don’t even get a hint if you’re being monitored. Monitoring will be mentioned later in the post.
Now you will never find out if someone’s watching what you are browning or what you are logged in to. How many cards you use and what are the details of those cards. Everything can be taken out from your device by a guy sitting in the corner of the place. A hacker’s work is always unnoticed so you won’t even think twice about the weird person sitting in the corner of the restaurant.
We now know what’s the disadvantages of public security are, let’s have a look in detail how it happens.
Man In-The Middle Attack (MITM)
This is probably one of the most common methods the hackers use to get your information off the public network. This is the easiest of all of them online if your victim is anywhere near you. Let’s have a deeper look into what is MITM.
Public Networks are very easy to access through MITM as owners don’t care much about the security of the people in their place. Hackers use this to their advantage to capture various types of information that can damage your device and compromise your sensitive details.
What is MITM?
Known as Man In-The Middle Attack, in computer security, it is very often used by professionals or Black Hat hackers to gain access to information of users. This happens without either party having knowledge that their router is being intercepted by a third party person and they are communicating through him.
What the intruders do is intervene in the communication channel between you and the person you are communicating with. Here we have the concept of monitoring. Your systems will be put on monitor mode to analyze and see what are you viewing or doing online. This includes all the sharing, browsing, and transactions you are performing through your device. The monitor mode is very powerful and can catch a variety of information from your device.
How does MITM Attack work?
As the name suggests “Man In-The Middle”, the hacker will break the chain of your regular communication and can deploy his own keys on your chain of communication. You can understand the diagram below.
What happens basically is in a normal scenario, your device is connected to the router which is helping you to communicate online. The hacker will intercept the server and its security and then monitor your device(Monitor Mode). He can then track all the progress in your device. The sites you log in to, the passwords you enter, the card details, images shared online, the emails you receive, and whatnot. Basically, everything you do online is then tracked by the Intruders. This was just in simple terms and technicalities are much more complicated for non-technical people.
In-short, you can be monitored online easily so watch out the steps at the end to ensure you’re secured throughout your browsing history when connected to public wifi.
Can anyone perform MITM Attacks?
This method of hacking cannot be done simply by a regular laptop and windows. You need a set of devices and some skills to do it. Some experts in the field are there to make sure you don’t face such attacks while browsing online but everything cannot be prevented in the cyber world.
Wireless Adapter – To perform MITM Attacks, you need a wireless adapter. Some of you might be thinking that a laptop already has one right? Well, the basic adapter built into laptops, are not capable of monitor mode and you need one externally that can support up to the large distance. There will be a separate post in the future regarding the wireless adapters available in the market.
Networking – Another requirement is the knowledge of networks. Not everyone can excel and even hackers need to protect their identity. They can be traced too while performing illegal things on the people and their devices. For an expert Black hat hacker, they need to know what network they’re operating on and how it works.
Kali – The codes are fairly easy to perform but the debugging is difficult and a rookie cannot do it easily. Well, people do become experts over time but again not everyone.
How to stay safe on a public network
This is the part you’ve been waiting for, how can you make yourself secure on public wifi. There are multiple ways you can see through to make sure you cannot get caught in the hacker’s zone and give up your sensitive information.
Make Sure It’s the Correct Wifi
This is an important point and everything starts from here. Rest can be avoided if you have done this. In your network options, if you see multiple networks of the same name, you can ask the owner over there about the exact wifi of the in the particular area. This can help you by connecting to the secure Wifi of the restaurant instead of the wireless network created by the hacker themself.
Access Secured Sites
The sites you are visiting comes with an SSL lock which has “https” at the beginning of the URL of the site. Don’t get confused between “http” and “https”. Https adds another layer of encryption in the transfer of data between you and the site. This means whatever you access, will be scrambled and encrypted so that the hackers aren’t able to make out the exact information.
Never Use Credit Cards
Refrain from using a credit card unless it’s an absolute EMERGENCY on public wifi. Even in that case, you should try using your own network. A hacker or not, you cannot trust any network with your credentials. Being the Bank Account Details or login information about other social media sites. The monitor mode tracks each and everything you do online.
One of the best ways of spoofing the hacker is using a VPN. It keeps all the third parties from spying away from you. What VPN does is creates a virtual network that connects it with one of their servers that spoofs your IP and location thus helping you carry your browsing without anyone inferring with your privacy.
Use a good password so without having any information about you, a hacker cannot crack your password easily. It can be the password of your social media or any other important site your visiting which might have some sensitive information related to you. You can test your password strength by going here