Is it secure to use WiFi?

Is it secure to use WiFi?

How can a hacker attack you from a WiFi?

WiFi networks are inherently more susceptible to security breaches than wired ethernet connections. Without proper security measures, they are prone to interception through man-in-the-middle attacks with tools like Wireshark or an evil access point twin attack.

Attack #1: Man-in-the-middle Attack

Take, for instance, using the WiFi at a Starbucks; anyone on the same network can potentially monitor the network traffic of every other user.

Even when you visit HTTPS encryption on websites, some sensitive information may be passed as clear text, the attacker will know which sites you visited and hacking trials will start. However, when you use a VPN and someone attempts a man-in-the-middle (MITM) attack, the attacker will not be able to see the URLs of the websites you visit. This is because a VPN encrypts all your internet traffic from your device until it reaches the VPN server. This encryption includes the URLs you visit, any data you send or receive, and even the fact that you are connecting to a VPN server in the first place.

The encryption provided by the VPN ensures that anyone intercepting the traffic between your device and the VPN server would only see scrambled, indecipherable data. They would not be able to decipher the URLs, the content of your internet traffic, or any sensitive information transmitted during the session.

Attack #2: Creating an Evil Twin, a Fake Access Point Attack

Utilizing tools such as the aircrack-ng suite alongside dnsmasq, attackers are capable of creating a deceptive clone of an access point on their own machine. This nefarious strategy involves forcibly disconnecting you from your legitimate access point, compelling your device to connect to this fake WiFi network (with the same name as the original one). Once ensnared in this trap, not only can the attacker can monitor your internet traffic, but they also can gain the ability to reroute you to sham websites meticulously designed to mimic legitimate services. For instance, should you attempt to log into your Facebook or Gmail account while connected to this fake network, you might unknowingly be redirected to a look-alike site controlled by the attacker. On these fake pages, any credentials you input—be it usernames or passwords—are harvested by the attacker. This sophisticated form of cyber deception underscores the critical importance of vigilance and the use of secure, encrypted connections to safeguard your digital identity and personal information against such insidious threats.

Related Links:

https://www.freecodecamp.org/news/wifi-hacking-securing-wifi-networks-with-aircrack-ng/

https://thecybersecurityman.com/2018/08/11/creating-an-evil-twin-or-fake-access-point-using-aircrack-ng-and-dnsmasq-part-2-the-attack/