Waiting between flights in airports with nothing to do is boring. So it’s very tempting to open your laptop and connect to the “Free Wi-Fi” network you see advertised in many airports these days. But should you? How do you know that the “free” wi-fi you are connecting to is not a dangerous scam that can cost you many sleepless nights?
Rogue wi-fi networks launch a “man-in-the-middle” attack. He thinks he is connecting to a network, but in reality he is connecting to a “peer-to-peer network” set up by a hacker nearby. Usually, he would have no idea that he is connecting to the Internet through the hacker’s machine. There would be no outward signs to alert him to the fact.
Once connected to your computer, the hacker can move around your hard drive at will; monitor and record every keystroke and therefore can steal every ID and password you use to log in to any membership, shopping or financial site; capture all of your credit card and bank account information; in short, create hell for you… all without your knowledge.
What’s worse, if he or she chooses to install any spyware on your machine, that opens your laptop up to free entry to all other hackers who can then use your machine as a “zombie slave.” They can send spam messages from your unit to anyone they want without your knowledge or consent.
And it’s not over… If you go back to your office and reconnect your infected machine to your corporate network, all other machines on that network can also be infected with the same spyware. That’s another disaster you have to consider.
How to detect such dangerous peer-to-peer networks?
Open your computer’s Wireless Network Connection dialog box.
All machines (Linux, PC, Mac) have an information screen that provides a list of wireless networks that your machine can detect nearby. Most of the time, all you need to do is double click on the respective icon in the menu bar, status bar or service tray that represents your wireless network connections.
NOTE: Don’t forget: the hacker can name the peer-to-peer network whatever he wants. So just because a network is called (for example) “Dulles Airport Official Secure Wi-Fi Network” means nothing. It can still be a dangerous and insecure network.
What matters is the description that accompanies the name of the network.
If a network, regardless of its name, has a description that says something like “unsecured peer-to-peer network”, “peer-to-peer network”, “unsecured computer-to-computer network”, computer network”, “unsecured wireless network” or anything like that, I would certainly NOT connect. There is a high probability that it is a trap set by a hacker.
With such networks of unknown security status, it is better not to risk it. Just use your best judgment and don’t assume anything.
The next time you have any doubts about the security of a “free Wi-Fi” offer, take that humble paperback out of your briefcase and discover the secure wonders within its covers.