Theft of Personal Information
This includes login credentials, financial information, personal data, and pictures.
If a hacker gains access to your computer, they will have free reign to everything stored.
A man-in-the-middle attack is when someone impersonates a legitimate public Wi-Fi network to trick you into connecting. If you connect to an impersonated Wi-Fi network, everything you do while connected will go through the hacker’s computer.
When you connect to a website with the prefix HTTPS, that means it is an encrypted site, meaning the data that goes back and forth is encrypted using a secure key. If someone were to intercept this data, it would be useless to them as it will be unreadable.
When you are connected to a public Wi-Fi network, anyone within range of your computer can intercept everything you send or receive. If you are connected to an unencrypted website, this intercepted data will be readable.
Packet sniffing is when someone connected to the same Wi-Fi network as you uses a tool called a packet analyzer or packet sniffer to eavesdrop on any data you send or receive.
Packet sniffing tools are not inherently malicious, network administrators use them to troubleshoot connection or performance issues. The issue is when hackers use these tools to steal someone’s information.
If someone on the same public Wi-Fi network as you has bad intentions, they could implement a type of malware on your computer. This includes:
Sessions Hijacking is when a hacker intercepts information about your computer and its connections to websites and other services. Once the hacker has this information, they can configure their own computer to match yours and hijack your session.
An example of this could be hijacking the connection to your bank’s website after you log in. From the bank’s perspective, the same computer has been logged in the whole time, but in reality the hacker would have complete access to your account.
How to protect yourself when using public Wi-Fi
Don’t share any sensitive information
If you are connected to a public Wi-Fi with no protections measures in place, do not log into any sensitive websites. Keep your web surfing minimal.
Use a VPN
Using a virtual proxy network service encrypts everything you send or receive, no matter what network you are connected to. If anyone were to use packet sniffing to get your information, it would be useless to them because it will be unreadable.
Use 2-Factor Authentication
Many websites today support 2-factor authentication for login credentials. This is when you login with not only your username and password, but also a unique code that is randomly generated and refreshed a couple times a minute.
This ensures that even if a hacker were to steal your username and password, they still would not be able to login to your account.
Use a hotspot or cellular data
The safest way to avoid the threats listed above is to avoid the public Wi-Fi in the first place. This way, you don’t need to employ any hacker countermeasures, because your information was never breached in the first place.