INVITATION TO CYBERSECURITY 248

Figure 9.12 Wireless network connection details including the default gateway IP.

When using wireless networks away from home, users should be especially wary of networks that are not protected with a password. Anybody can join these networks anonymously, and other users of the network can potentially eavesdrop on the metadata being exchanged between the router and other clients. It may also be possible for an attacker to impersonate the router by injecting wireless traffic into the network, and this could trick users into visiting spoofed websites.

Users of public wireless networks are also vulnerable to evil twin attacks. An evil twin is a fraudulent wireless network that appears to be legitimate. Evil twins typically broadcast a similar SSID or even the same SSID as the official one at a place of business. Therefore, people may join the fake network without realizing it. It is likely that they will still have Internet access and will see no obvious indicators of compromise. This is a man-in-the-middle attack, and it puts the hacker who is running the evil twin in a place of authority. They can monitor the IP addresses the victim is visiting, read all unencrypted web traffic, and serve spoofed websites.

Some devices can be tricked into connecting to an evil twin without the victim needing to take any action. Laptops and smartphones record past wireless credentials and will automatically reconnect to remembered wireless networks when they come within range. If an attacker knows the credentials of a remembered wireless network for a target, he may be able to spoof that wireless network and trick the victim into connecting to it. One important thing to note: evil twin attacks cannot be conducted over the Internet. They are local attacks because the hacker's wireless signal must be in the physical proximity of the victims.
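
As an added example (not from the book), the sketch below shows a defensive check a device could run before auto-joining: it compares a Wi-Fi scan against remembered networks and flags entries that reuse a remembered SSID with different security, or that use a look-alike SSID. The profile table, the `SSID|BSSID|SECURITY` scan format, and all values are constructed for illustration.

```python
from difflib import SequenceMatcher

# Hypothetical remembered profiles: SSID -> security type the device expects.
REMEMBERED = {"CoffeeHouse-Guest": "WPA2", "HomeNet": "WPA2"}

# Constructed scan results, one "SSID|BSSID|SECURITY" record per line.
SCAN = """\
CoffeeHouse-Guest|AA:BB:CC:00:00:01|WPA2
CoffeeHouse-Guest|AA:BB:CC:00:00:02|WPA2
CoffeeHouse-Guest|DE:AD:BE:00:00:09|OPEN
CoffeeHouse_Guest|DE:AD:BE:00:00:0A|OPEN
HomeNet|AA:BB:CC:11:11:11|WPA2
AirportFreeWiFi|AA:BB:CC:22:22:22|OPEN
"""

def parse_scan(text):
    """Return (ssid, bssid, security) tuples, skipping malformed lines."""
    rows = []
    for line in text.splitlines():
        parts = line.strip().split("|")
        if len(parts) == 3:
            rows.append(tuple(parts))
    return rows

def find_suspects(rows, remembered, threshold=0.85):
    """Flag access points that may be evil twins of remembered networks."""
    findings = []
    for ssid, bssid, security in rows:
        if ssid in remembered:
            # Same name, different security: do not auto-join.
            # Several BSSIDs for one SSID is normal (multiple access points),
            # so a differing BSSID alone is not flagged.
            if security != remembered[ssid]:
                findings.append((bssid, ssid, "security-mismatch"))
            continue
        for known in remembered:
            ratio = SequenceMatcher(None, ssid.lower(), known.lower()).ratio()
            if ratio >= threshold:
                findings.append((bssid, ssid, "lookalike-ssid"))
                break
    return findings

if __name__ == "__main__":
    for finding in find_suspects(parse_scan(SCAN), REMEMBERED):
        print(finding)
```

A twin that copies both the SSID and the security settings, as in the known-credentials case described above, passes this check, which is one reason the VPN practice still matters.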
This proximity requirement mitigates the risk compared to other cyber attacks that can originate from anyone on the Internet anywhere in the world.

A best practice to bolster security when using a public wireless network, whether it is password protected or not, is to sign in to a VPN (virtual private network) immediately after connecting to the network. VPNs create an authenticated and encrypted channel between the user and the VPN server, and the VPN server becomes the launching-off