Cybersecurity experts warn against using public Wi-Fi

In recent years, travelers have been warned to avoid connecting to public Wi-Fi networks, especially in crowded public places such as airports, train stations or coffee shops, etc. In particular, Wi-Fi networks at airports, due to high usage demand and security configurations that are sometimes not a top priority, have become attractive targets for hackers.

Although many people are aware of the potential risks of using free Wi-Fi, the convenience and appeal of free wireless connections are still difficult for many to refuse. This fact has caused hackers to constantly search and update more sophisticated tricks to exploit security holes in public Wi-Fi networks.

"Evil twin" attacks increasingly common in public places

One of the most common tricks is the "evil twin" attack, in which hackers create a fake Wi-Fi network with the same or very similar name as the official Wi-Fi network to trick users into connecting and steal personal information.

The arrest of a cybercriminal in Australia this summer has sounded a serious alarm for internet users around the world. The case has exposed a worrying reality that cybercriminals are constantly looking for and developing new tricks to exploit security vulnerabilities in network systems, especially targeting public Wi-Fi networks.

One of the most common and dangerous forms of cyber attack today is the "evil twin attack". Classified as a "man-in-the-middle attack", an evil twin attack occurs when a hacker or a group of cyber criminals sets up a fake Wi-Fi network, often with a similar or identical name to the official Wi-Fi network at public places such as airports, train stations, cafes, restaurants, etc. With the aim of attracting as many users to connect as possible, hackers will take advantage of users' desire to connect to the Internet for free to easily steal personal information.

In this case, an Australian man was arrested and charged with carrying out a series of sophisticated cyberattacks on domestic flights and at major airports in the country, including Perth, Melbourne and Adelaide. According to the indictment, the subject used specialized equipment to set up fake Wi-Fi networks, which were named similar to the official Wi-Fi networks of airlines or airports. Using this trick, the attacker tricked passengers into connecting to the fake Wi-Fi networks, thereby stealing sensitive personal information such as email passwords, social media accounts and even credit card information.

Matt Radolec, Vice President of Incident Response and Cloud Operations at US data security company Varonis, issued a worrying warning: "With free Wi-Fi becoming more popular and easily accessible almost everywhere, cyber attacks targeting users when they connect to public wireless networks will increase."

Mr. Radolec emphasized that, in the current context, very few users take the time to carefully read the terms of service or check the URL address of the Wi-Fi network they are connecting to. This inadvertently creates a serious security hole, making users easy targets for cyber attacks.

Radolec shares: "In fact, cyberattacks targeting public Wi-Fi are like a game. Cybercriminals try to exploit users' desire to connect to the Internet quickly. They create fake login pages that look very similar to the official login page, then try to lure victims to quickly click the "Accept", "Login" or "Connect" buttons without checking carefully.

This is especially dangerous when users visit a new location where they have never connected to Wi-Fi before. At this point, they are easily fooled by fake websites, because they simply have no benchmark to compare and recognize which website is legitimate.

"Evil twin" attacks can be more easily hidden today

One of the most worrying aspects of evil twin attacks is their ability to be disguised. Instead of bulky devices, a rogue access point can be as small as the palm of your hand and can be easily hidden behind a screen in cafes, restaurants, or even at public events. Despite their small size, these devices are capable of causing serious consequences, directly threatening the safety of personal data and sensitive information of users.

Brian Alcorn, an IT consultant in Cincinnati (USA), warned about the sophistication of these attacks. He said: "Fake Wi-Fi devices can create identical copies of legitimate login pages of online services. This makes it very difficult for users to distinguish between real and fake. When users enter personal information on this fake website, all data will be collected and stored, waiting for the day when attackers exploit it to perform bad actions."

People who habitually use weak passwords, such as pet names, birthdays, or other easily guessed personal information, are easy targets for cyberattacks. Alcorn warns that once a person’s login credentials are stolen, cybercriminals can use advanced AI tools to quickly crack that person’s other passwords, even if they are more complex. This means that the victim’s entire personal information and online accounts are at risk.

How to avoid becoming a victim of this type of cybercrime?

Security experts recommend that when in public places, users should minimize the use of public Wi-Fi networks. Instead, prioritize using more secure connection solutions such as 4G/5G mobile data connections, or connecting to virtual private networks (VPNs) to encrypt data and protect personal information.

Brian Callahan, Director of the Rensselaer Cybersecurity Collaboration Center at Rensselaer Polytechnic Institute (USA), shared: "To effectively prevent cyber attacks that spoof Wi-Fi access points, the best way is to use your phone's mobile hotspot. This is a simple but extremely effective solution."

When using a personal hotspot, users have complete control over their network. This makes it easy for users to identify and prevent spoofing attacks. "You will always know exactly which network is yours thanks to the name and password you set yourself, ensuring a completely secure connection," said Callahan.

If you can't use a personal hotspot, a VPN is still a solid security solution, Callahan said. A VPN acts as a secure tunnel, encrypting all data sent and received, making your information meaningless to attackers.

Cybersecurity issues at airports

Many airports now outsource the management and operation of their Wi-Fi networks to outside companies. For example, at Dallas Fort Worth International Airport, Boingo is the company hired to provide this service. This means that the airport has little direct control over the security of its Wi-Fi network.

"Our Wi-Fi network operates completely independently and separately from the airport's other internal systems. This means that the airport's IT team does not have direct access to this system, nor can it monitor its operations in detail," said a representative for Dallas Fort Worth International Airport.

A spokesperson for Boingo, which provides services to about 60 airports in North America, said it can identify rogue Wi-Fi hotspots through its network management. “The best way to protect passengers is to use the Passpoint security standard, which uses encryption to automatically connect users to authenticated Wi-Fi for a secure online experience,” the spokesperson added. “Boingo has offered Passpoint since 2012 to enhance Wi-Fi security and eliminate the risk of connecting to malicious hotspots.”

"Cyberattacks targeting airport Wi-Fi networks are not uncommon. However, arrests of suspects are quite unusual," said Aaron Walton, a threat analyst at US cybersecurity firm Expel. "Most airlines are not fully prepared to respond to cyberattacks and often do not have a mechanism to prosecute attackers. This makes passengers' personal information vulnerable and encourages hackers to carry out attacks."

In the Australian case, according to the Australian Federal Police, dozens of people had their login credentials stolen. Fraudsters set up fake Wi-Fi hotspots in public places, lured users into connecting, and stole their personal information. This is a particularly dangerous form of fraud, because many people are often unsuspecting when connecting to free Wi-Fi networks.

The stolen information can be used by the fraudsters to commit other fraudulent activities, causing damage to the victim. Once these credentials are collected, they can be used to extract more information from the victim, including bank account information.

Wi-Fi has become an indispensable part of our lives. We expect to be able to connect to the internet anytime, anywhere. However, this convenience comes with potential risks.

According to Callahan, public Wi-Fi hotspots, especially in crowded places like airports, are often targets for cyberattacks. Attackers can easily create fake Wi-Fi networks to steal users' personal information. So the next time you're at the airport, the best way to protect yourself is to avoid using untrusted public Wi-Fi networks.