Man In the Middle (MITM) Attack: The Dangers of Public Wi-Fi

Public Wi-Fi might seem useful because it allows you to not only avoid using your phone's own data plan, but reduces the amount of time it takes for web pages to load. Whether you are in Starbucks, an airport, a restaurant, etc., you may see that you are able to connect to open internet connections that do not have a password. While this may seem beneficial, hackers, on the other end, appreciate public Wi-Fi even more than you do. This is because they can use it to target the wireless connection's users and gain access to their personal information.

An attack called ‘Man in The Middle’ is when hackers generate a secondary connection with a name that looks similar to the connection that already exists in the place, such as, for example,"StarbucksFreeWifi". Usually, the created Wi-Fi has a name that correlates to their location. A user may be tricked into clicking the secondary connection which connects to the hackers rather than the legitimate company's connection. Once a user is connected, the con artist is able to eavesdrop into the traffic that is coming from the user's device whether it is banking information, log in credentials, or even your business applications.

Imperva states, “The goal of an attack is to steal personal information, such as login credentials, account details and credit card numbers. Targets are typically the users of financial applications, SaaS businesses, e-commerce sites and other websites where logging in is required” (Imperva).

Here are a few facts:

•  47% of Americans claim to routinely utilize free public Wi-Fi.
•  35% of exploitation activity involves man-in-the-middle attacks.
•  Almost 58% of all posts for illegal activity include banking information that has been stolen using MITM or other attack types.
  (Strongdm)

To stay away from these attacks, here are a few ways that you can prevent being compromised:

• Use your Internet hotspot AND ensure your hotspot's password is enabled.
• Use VPN software (takes your traffic before it leaves your device and encrypts it)
•  Force HTTPS (the ‘s’ means that the website will encrypt your information)
• Use secure connections
• Multi-Factor Authentication 

Overall, avoid using public Wi-Fi, you never know who is behind the wireless connection waiting to compromise your accounts and steal your sensitive information.

The Infiniwiz technical team in the Chicagoland area takes a proactive approach to your cybersecurity. We set up the right IT protocols and help you put in place the employee procedures that will keep your data and network safe from online hackers. However, make sure to do your part in staying alert. If you have any questions, feel free to contact us!