Cybersecurity experts are issuing a stern warning to Scots regarding the potential dangers lurking within public WiFi networks. While the convenience of accessing the internet on the go, such as during train commutes, may seem appealing, experts emphasize the significant cybersecurity risks that accompany such practices.
One of the primary concerns raised by cybersecurity professionals is the phenomenon known as "session hijacking." In this scenario, cybercriminals exploit vulnerabilities present in public WiFi networks to gain unauthorized access to users' devices while they are browsing online.
Let’s Understand ‘Session Hijacking’ in Simple Words
Session hijacking, a prevalent cybersecurity attack, occurs when an attacker gains control of an individual's internet session while they are engaged in activities such as checking their credit card balance, paying bills, or shopping online.
Typically, session hijackers target browser or web application sessions to perpetrate their attacks.
Once a session hijacking attack is successful, the attacker gains the ability to perform any action that the victim could undertake on the targeted website. Essentially, the hijacker deceives the website into believing that they are legitimate users, thereby granting them unauthorized access and control over the victim's session. And it can lead to various cyber-crimes and financial scams.
Do You Know What Risks Lurking in Public WiFi Networks?
Vincent van Dijk MSc a cybersecurity expert, warns individuals about the lurking dangers within public WiFi networks, highlighting three prevalent cyber threats:
1. Man-in-the-Middle attacks
2. Evil Twin attacks
3. Malware Present in Networks
In a Man-in-the-Middle attack, hackers infiltrate the public network, intercepting data as it travels from a connected device to the WiFi router. Vincent explains the severity of this threat, stating, "If you are engaged in online banking during such an attack, hackers can easily access your passwords and account information. Your credit card numbers, email addresses, and other personal details become vulnerable to theft."
Evil Twin attacks present another insidious threat. When users search for a public WiFi hotspot, they may encounter a fraudulent network pretending as a legitimate one. These malicious networks often bear names strikingly similar to authentic ones, such as 'Free University Wi-Fi2' or 'Station Wi-Fi04.' Therefore, connecting to these clones exposes users to scammers, compromising their private data and leaving them susceptible to exploitation.
Further, Vincent explains that when hackers successfully infect a network with malware, they gain the ability to distribute harmful software bugs to any device connected to it. As a cautionary measure, he advises users to exercise caution if they encounter unexpected pop-up notifications while connected to such networks. Clicking on these pop-ups could inadvertently lead to exposure to infected links, putting users' devices and sensitive information at risk.
Following the concerns related to public WiFi, experts suggested public to use Virtual Private Networks (VPNs) and verify network authenticity while using Public Wifi. By doing so users can mitigate the risks associated with public WiFi usage, safeguarding their sensitive information from cybercriminals.
