Teaching Aide
https://www.instagram.com/cybersafecanucks
According to the National Institute of Standards and Technology, Wi-Fi is a wireless local area network that provides an internet connection. A public Wi-Fi network is essentially a wireless LAN provided in public spaces. Often, anyone within range can easily access the network for free or for a nominal fee.
Uses of Public Wi-Fi
Public Wi-Fi makes the internet accessible to users in public spaces. It has many uses:
- Convenience: It allows users to stay connected while in public spaces like cafes, hospitals, schools, restaurants, shopping malls, etc. Internet access lets users send emails, use social media, browse the web, use navigation, and do other tasks while on the go (Peter et al., 2019).
- Support for Local and Economic Activities: Having internet access points in public can allow for increased foot traffic (Potts, 2014). This can help businesses in the vicinity with increased potential for economic activity.
- Public Access and Social Equity: It provides internet connection to folks who might not have access to the internet at home or have limited access to data services over the mobile network provider (Peter et al., 2019). This reduces the digital divide and provides equitable access to the masses.
- Emergency and Public Services: In cases when traditional access to the internet is not working, public Wi-Fi can help in allowing folks to remain connected or reach out to emergency services (Potts, 2014).
Architecture of Public Wi-Fi
Several components are involved in the architecture of a public Wi-Fi network. Some of them are:
- Access Points – In a setting where public Wi-Fi is available, access points and routers are set up to provide internet access within that setting. Access points help connect the users to the router(s) which then sends the data packets to the world of the internet (Cisco, n.d.).
- SSID (Service Set Identifier) – SSID is a unique identifier that is broadcasted, so the users in the range of the broadcast can connect to the Wi-Fi using the specific SSID. A user can click on the SSID and connect to the access point which then routes packets to the router destined for the internet (IEEE, 2013).
- Router – The user’s devices communicate with the router on the network. The router facilitates the communication of the device with the internet. The internet service provider commonly known as ISP helps the communication of the router with the wider internet (Potts, 2014). The routers on the network are shared by all the devices.
Importance of Security in Public Wi-Fi
Kaleta and Mahadevan (2020) analyze the security of public vs. home internet networks. Public Wi-Fi is generally less secure than the private network that most users have at home. This is due to several reasons, including the way access point infrastructure is set up in such an environment. Often, publicly available wireless networks are not password protected, so any user, including those with malicious intent, can connect to the network. This makes network users prone to man-in-the-middle attacks, where the threat actor can potentially read the data a user sends over the network. Businesses that provide public Wi-Fi as a convenience to their clients sometimes, in the spirit of cost savings, do not opt for the robust security options offered by ISPs.
In a public setting, a user has minimal control over the security settings of the network they are connected to. Because public Wi-Fi networks are open-access by nature, the goal is to let the maximum number of users connect to the internet. There could be a lack of firewalls, encryption, password requirements, etc. This leaves users exposed to threat actors.
Vulnerabilities in Public Wi-Fi
Man in the Middle: A man-in-the-middle (MITM) attack is one of the best-known cyberattacks, in which attackers aim to alter and manipulate communications between sender and receiver. For instance, Alice visits McDonald’s and connects to its public Wi-Fi to browse for dogs on a website called “pets.com.” In the meantime, attacker Eve is keeping an eye on the data traffic, unknown to Alice.
Eve then deceives Alice by communicating with her as if Eve were the network router. Alice thinks that she is communicating with the pets.com server directly and sends a request. Instead of pets.com, the request goes to Eve. Eve reads the request and forwards it to pets.com, but first modifies it to ask for information about cats.
This man-in-the-middle attack manipulates ARP (Address Resolution Protocol), which local networks use to map IP addresses to MAC addresses. Bad actors use ARP spoofing because any device can claim to be associated with any IP address. Additionally, by interfering with and exploiting communication streams, this type of attack is even capable of circumventing SSL encryption.
In this scenario, Eve can employ DNS spoofing, which allows him to divert Alice’s requests to his own IP address in place of the original one. Most of the time, end users are unaware of security measures such as certificate authorities, which validate SSL connections, and this leaves them vulnerable to unintentionally allowing unauthenticated connection channels.
Rogue Access Points:
In a rogue access point attack, hackers pretend to be an authentic access point (AP) to mislead end users into connecting, and the hackers then take full control of all network communications from those users.
It is challenging to ensure the authenticity of this kind of AP, as becoming strict can prevent users from getting connected to it. Another common attack through rogue access points is “Denial of Service” (DoS), where end users’ requests do not reach the actual server after they connect to those unauthorized APs. These scenarios mostly occur when mobile users turn off their cellular data and connect to public Wi-Fi, which leaves them unable to reach the internet.
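One way to check a list of nearby networks for rogue access points before connecting is shown in the following Python example, which is an addition to this guide and not part of the original teaching aide. It assumes the user has confirmed the venue's real network name and security type (here the hypothetical "CafeGuest" with WPA2) and works on a constructed scan list; all SSIDs, BSSIDs and function names are invented.

```python
import re
from difflib import SequenceMatcher

# Constructed scan results, shaped like what a Wi-Fi scan utility lists.
SCAN = [
    {"ssid": "CafeGuest", "bssid": "a4:2b:b0:11:22:33", "security": "WPA2"},
    {"ssid": "CafeGuest", "bssid": "a4:2b:b0:11:22:34", "security": "WPA2"},
    {"ssid": "CafeGuest", "bssid": "5e:91:0d:de:ad:01", "security": "OPEN"},
    {"ssid": "Cafe Guest 2", "bssid": "5e:91:0d:de:ad:02", "security": "OPEN"},
    {"ssid": "CafeGueest", "bssid": "5e:91:0d:de:ad:03", "security": "OPEN"},
    {"ssid": "LibraryNet", "bssid": "3c:22:fb:aa:bb:cc", "security": "WPA2"},
]


def normalize(ssid):
    """Lower-case, drop spaces/punctuation and trailing digits ("Cafe Guest 2" -> "cafeguest")."""
    compact = re.sub(r"[^a-z0-9]", "", ssid.lower())
    return compact.rstrip("0123456789")


def rogue_ap_findings(scan, expected_ssid, expected_security, threshold=0.85):
    """Flag networks that imitate the confirmed SSID or weaken its security."""
    want = normalize(expected_ssid)
    findings = []
    for ap in scan:
        if ap["ssid"] == expected_ssid:
            # Several BSSIDs for one SSID is normal (many APs in one venue).
            # The same name offered with weaker security is not.
            if ap["security"] != expected_security:
                findings.append(("security-mismatch", ap["ssid"], ap["bssid"]))
            continue
        got = normalize(ap["ssid"])
        similarity = SequenceMatcher(None, want, got).ratio()
        if got == want or similarity >= threshold:
            findings.append(("lookalike-ssid", ap["ssid"], ap["bssid"]))
    return findings


if __name__ == "__main__":
    for finding in rogue_ap_findings(SCAN, "CafeGuest", "WPA2"):
        print(finding)
```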
Public Wi-Fi network vs private Wi-Fi network
There are some significant differences between public and private Wi-Fi networks in terms of security and policy, safeguarding assets, and individual operations. Definitions of public and private Wi-Fi networks are:
- Public Wi-Fi network: A public Wi-Fi or open Wi-Fi indicates a network that is designed to be easily accessible to any person without any special permissions or credentials. For example, open Wi-Fi is found in public gatherings like airports, coffee shops, or libraries.
- Private Wi-Fi network: A private Wi-Fi network, along with LTE (Long Term Evolution) and CBRS (Citizens Broadband Radio Service), is more secure than public Wi-Fi; it provides connections only to authorized devices or users.
There are some primary differences between public Wi-Fi network and private Wi-Fi network in terms of accessibility, purpose, security, IP addressing, and cost:
| Key Points | Public Wi-Fi network | Private Wi-Fi network |
| --- | --- | --- |
| Accessibility | Provide connection to anyone nearby | Allow limited connection to authorized devices or users only |
| Purpose | Widespread access and overall connectivity to the public | Internal access and confidential communication |
| Security | Susceptible to cyber threats and malware | More secure and controlled |
| IP addressing | Use globally unique IP addresses | Use only private IP addresses |
| Cost | Generally cheaper | Expensive |
Cyberattacks on Public Wi-Fi
Packet sniffing is a cyberattack method that captures data packets as they travel through an unencrypted computer network. Hackers target network traffic that contains sensitive data, such as personal bank details, and later manipulate this data for another hacking attempt.
Two main approaches to packet sniffing are:
Active packet sniffing: Active packet sniffing is usually deployed on very large networks, where network switches must be used because many devices are connected to a single network. These additional switches are added to the network to lessen the traffic load.
Moreover, in active sniffing, hackers introduce additional traffic into the network to push the switches into diverting legitimate traffic. In this way, hackers initiate the attack by obtaining access to the network switch. However, this approach is more noticeable, as the sniffer must first reveal itself to the network to start sniffing.
Passive packet sniffing: This type of sniffing attack is the most used and targets smaller networks where all end devices are connected to a single hub. In passive packet sniffing, hackers do not rely on network switches to direct traffic as before. They sit quietly on the network and capture the data packets that travel through it. As a consequence, they gather sensitive information without actively disclosing themselves to the system, which is why they are hard to find.
Though all types of packet sniffing are similar, hackers choose different methods based on network size, area, device ports, or websites. These methods are:
Password sniffing: This sniffing method captures data packets that carry login credentials like usernames and passwords. Nonetheless, this method is rare now, as almost all websites and systems take care to encrypt their login credentials.
DNS poisoning: In DNS poisoning, also called DNS spoofing or DNS hijacking, hackers target large companies that operate large DNS servers. To direct network traffic to its destination, such a company needs to translate website domain names into IP addresses. Hackers usually redirect the original network traffic to a malicious website through a packet sniffer.
JavaScript sniffing: Formjacking, or JavaScript sniffing, mainly targets financial institutions; hackers push malicious code onto financial websites such as e-commerce sites. This sniffing works like an ATM card skimmer, capturing payment card data along with other personal information.
ARP (Address Resolution Protocol) spoofing: This spoofing takes place at the Local Area Network (LAN) level. Hackers spoof the IP address of a host or device, which leads the traffic to the hacker’s destination instead of the real one.
DHCP (Dynamic Host Configuration Protocol) attacks: With DHCP, there is always a pool of available IP addresses. When a host requests an IP address, an available address is allocated to that host automatically. Hackers send many fake DHCP requests to the DHCP pool so that all available IP addresses are used up. Bad actors use this method as a tool for other cyberattacks, such as Denial of Service (DoS) attacks.
TCP session hijacking: TCP, or Transmission Control Protocol, operates at the transport layer and keeps data communication between sender and receiver complete and in order. During TCP session hijacking, hackers obtain access after the TCP connection is established and start sniffing the network traffic.
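The DHCP pool exhaustion described under "DHCP attacks" is visible in the DHCP server's own log. The following Python example is an addition to this guide, not part of the original teaching aide: it scans constructed log lines, modelled on ISC dhcpd messages with an ISO timestamp assumed for simplicity, and alerts when too many never-before-seen MAC addresses request a lease within a short window or when the server reports that no free leases remain. The threshold values and function names are assumptions.

```python
import re
from collections import deque
from datetime import datetime, timedelta

DISCOVER_RE = re.compile(
    r"^(?P<ts>\S+) \S+ dhcpd\[\d+\]: DHCPDISCOVER from "
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) via \w+"
)


def build_sample_log():
    """Constructed log: three ordinary clients, then 30 new MACs in three seconds."""
    prefix = "gw dhcpd[812]: DHCPDISCOVER from"
    lines = [
        f"2024-11-07T10:00:00 {prefix} 3c:22:fb:aa:bb:cc via wlan0",
        f"2024-11-07T10:02:00 {prefix} 3c:22:fb:aa:bb:cd via wlan0",
        f"2024-11-07T10:05:00 {prefix} a4:2b:b0:11:22:40 via wlan0",
    ]
    start = datetime(2024, 11, 7, 10, 6, 0)
    for i in range(30):
        ts = (start + timedelta(milliseconds=100 * i)).isoformat()
        lines.append(f"{ts} {prefix} 02:00:00:00:00:{i:02x} via wlan0")
    lines.append(
        f"2024-11-07T10:06:05 {prefix} 3c:22:fb:aa:bb:ce via wlan0: "
        "network 192.168.1.0/24: no free leases"
    )
    return lines


def starvation_alerts(lines, window=timedelta(seconds=10), max_new_macs=20):
    """Return alerts for bursts of first-time MACs and for an exhausted pool."""
    seen = set()          # every MAC that has ever asked for a lease
    recent = deque()      # timestamps of first-time MACs inside the window
    alerts = []
    flooding = False      # report each burst once, not once per packet
    for line in lines:
        m = DISCOVER_RE.match(line)
        if not m:
            continue
        if "no free leases" in line:
            alerts.append(("pool-exhausted", m["ts"]))
        if m["mac"] in seen:
            continue      # a known client retrying is not a new claimant
        seen.add(m["mac"])
        ts = datetime.fromisoformat(m["ts"])
        recent.append(ts)
        while ts - recent[0] > window:
            recent.popleft()
        if len(recent) > max_new_macs:
            if not flooding:
                alerts.append(("discover-flood", m["ts"], len(recent)))
            flooding = True
        else:
            flooding = False
    return alerts


if __name__ == "__main__":
    for alert in starvation_alerts(build_sample_log()):
        print(alert)
```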
Walkthrough
Scope
Our teaching aid focuses on showcasing the different security vulnerabilities associated with public Wi-Fi networks. After addressing these risks, we will then dive into the methods of infiltration that an attacker might use to exploit users’ systems. Delivering this teaching aid will guide learners through different scenarios of IP address interception, such as packet sniffing, man-in-the-middle (MITM) attacks, and rogue access points. Firstly, we will explain the rudimentary operations of a public network. Once the students are familiar with the ideas we present, we will examine standard techniques attackers use to compromise user privacy. The final sections will highlight the potential risks associated with IP address exposure and how users can protect themselves.
Key Points Include:
- Public Wi-Fi Network Operation: Understanding the basic functioning and architecture of public Wi-Fi networks.
- IP Address Interception Methods: Detailed description of techniques like packet sniffing, MITM attacks, and rogue access points.
- Risks of IP Address Exposure: Exploration of risks such as tracking, geo-location, and DDoS attacks.
- Protective Measures: Actionable steps users can take to protect their privacy, including using VPNs, encrypted communication, and best security practices.
- Real-World Examples: Case studies illustrating the risks and real consequences of Wi-Fi vulnerabilities.
Engaging Learning Style
The teaching aide we have designed will use a multi-format approach, combining social media content and a theoretical guide. Additionally, our team understands the importance of showing our students rather than just telling them, which is why we opted for a visual style on a medium that most people are familiar with. By creating an Instagram account, we can showcase education in an entertaining and informative format. By utilizing both these aspects of delivery, we aim to engage the audience with bite-sized information that is captivating enough to complete a lesson.
Bridging the Gap Between Practical Learning and Academic Research
We aim to bridge the gap between theoretical research and practical, accessible learning. Public Wi-Fi security is a critical topic as more people rely on these networks daily, yet many users remain unaware of the associated risks. Our guide simplifies complex topics such as packet sniffing and man-in-the-middle attacks by breaking down the technical details in an approachable way. By combining visual elements on social media with a detailed theoretical guide, we will empower students to understand the real-world implications of these vulnerabilities and motivate them to adopt better security practices.
Conclusion
At the beginning of our research, we sought to create an informative and engaging report discussing the need to increase awareness of the lack of security within public Wi-Fi networks. As we progressed, it became clear that through social media and in-depth resources, we would have a better chance to ensure that learners could better understand the risks and protective measures they can adopt. This educational tool will raise awareness and equip students with the knowledge to navigate public Wi-Fi networks safely in their everyday lives.
Discussion Questions
- What data security measures should end users expect network providers to implement and ensure?
Answer: The Internet has become a vital part of life in the 21st century. The whole world has turned into a global village with the help of the internet. People really felt the importance of the internet during the COVID pandemic, when everyone was conducting their daily necessities, including communication, education, business, and health, through various internet platforms. In our daily lives, we connect to every corner of the world through various public or private internet networks. Those networks are provided by telecommunications companies or internet service providers. Every network provider should take some security measures that will ensure the data privacy of the end user. Some of the steps can be:
- A NIDS, or Network-based Intrusion Detection System, can be deployed to monitor network traffic and the packets passing through. Additionally, this system can alert on and then delete any packets that violate certain rules and regulations.
- On every piece of network access hardware, internet providers can set up subnets separated from the primary servers. Bad actors on the internet are then obliged to pass through switching and intrusion prevention or detection management.
- Implementing an ACL, or access control list, at an access point can be an effective solution. This mechanism decides whether to allow or deny a request using an IP address and port number to
- Placing a firewall between the ISP’s servers, the Internet, and the ISP’s users can be another security measure. This structure adds an extra security feature to the system, as every network request has to pass through the firewall to reach the internal network.
- A strong password policy should be implemented by network service providers. Passwords with more than six characters, including special characters, make for a strong password.
- Internet providers can keep track of log information, which will help them take further legal action. Session log information includes user information, IP addresses, and the time of connection.
- Secure Sockets Layer, or SSL, on mail and web servers is another measure that network providers can install.
- What are the most effective strategies for ensuring online safety while using public Wi-Fi networks, and how can users protect themselves from potential security risks?
Answer: In our everyday lives, situations arise in which we need to connect to public Wi-Fi to fulfill our requirements or accomplish tasks. Hackers watch for vulnerabilities in these networks to breach users’ data security. For that reason, regular users should have at least a minimum knowledge of how to protect themselves from these potential threats. For example:
- The user should always verify the network name properly before connecting. Cyber attackers create fake networks with innocent names like “Tim Horton Client2,” “KFC Customer 2,” etc. that may seem secure to the user. However, attackers can capture any login credentials and passwords entered while connected to their fake network. For that reason, check the network name carefully, and if unsure, confirm with staff or signage.
- Auto-connecting to public networks can be a window for accessing the device. Many devices, like smartphones and laptops, have this feature, which the user should turn off. Additionally, always use “forget network” after using public Wi-Fi.
- Open Bluetooth connectivity also works as a window for hackers to enter the system. Bluetooth creates a channel for devices to communicate with each other, and cyber attackers send Bluetooth signals to obtain access to other users’ devices. As a consequence, this function should be turned off on the device.
- Both Windows and Mac operating systems have a file-sharing feature, which must be deactivated while using public Wi-Fi, as bad actors can send malicious files to the device.
For a Windows or PC:
“Network and Sharing Center” → Change “Advanced sharing settings” → Deactivate “File and Printer Sharing.”
For Macs:
“System Preferences” → Select “Sharing” → Unselect everything → In Finder, go to “AirDrop” → Click “Allow me to be discovered by: No One.”
For iOS:
“Control Center” → Select “AirDrop” and turn it off.
- Using a VPN, or Virtual Private Network, can be a security wall on a public Wi-Fi network. A VPN acts as a secure tunnel that encrypts data before it is sent from the user’s device. As a result, the data becomes invisible while passing through a public network.
- Accessing a bank or financial portal through public Wi-Fi should be avoided even if your device has a VPN installed. Use the phone’s hotspot function instead.
- Always connect to secured public Wi-Fi instead of an unsecured one. One can identify secure public Wi-Fi by checking whether it asks for a log-in credential and password or for registration at the time of accessing the network. Unsecured public Wi-Fi is usually kept open and never asks for a log-in credential or password.
- Always check if your firewall is enabled or not on your laptop. For Windows users: go to “Control Panel” → “System and Security” → “Windows Firewall” and enable the feature. For Mac users: go to “System Preferences” → “Security and Privacy” → “Firewall” and then enable the feature.
- How can we effectively teach users to identify and trust secure networks?
Answer: While wireless networks like public Wi-Fi are convenient for us, they also give hackers easy scope to exploit systems and deploy attacks. Though there are many cybersecurity measures, ultimately the end user plays a vital role. That is why creating awareness and knowledge among regular users is required. Some steps can be taken to educate users to identify and trust secure networks:
- Recognize the Risks: Every user should have a basic idea of the most common cyberattacks, like rogue access points, Wi-Fi sniffing, and man-in-the-middle attacks. Firstly, hackers create fake networks and use them to exploit original network traffic, which is known as rogue access points. Next, Wi-Fi sniffing is used to capture network traffic and sensitive information like login IDs, passwords, or other financial information. Lastly, in man-in-the-middle attacks, hackers insert malicious systems between sender and receiver. Besides knowing the most common attacks, users should be aware of the risk of stolen devices: hackers can analyze the device and use it against the user.
- Enforce Security Guidelines: To identify and trust secure networks, one should have knowledge about authentication or user identification, network segmentation, and device management tools to supervise one’s own device.
- Offer Training and Raise Awareness: Some basic relevant training programs can be arranged for regular users on both online and physical platforms. These programs will expand users’ knowledge of the basics of data security, recent cyberattack methods, and ways to prevent them. Online platforms like Udemy or Coursera can come forward to introduce some free theory courses. Besides, simulation tools like Wireshark and Nmap can offer free access to regular users so that they can simulate real scenarios.
- Track and Assess: In addition to training, observing the results afterwards is also essential, as this will encourage end users to learn more about data security. Training results can be collected through surveys or interviews on various online platforms like SurveyMonkey, Google Forms, Zoom, Qualys, Nessus, NIST, Splunk, Tableau, or Power BI, whichever is more suitable. In this way, the authority can track the outcomes and plan better training.
- Foster Feedback and Continuous Improvement: Another effective step can be creating a culture of giving feedback and continuous improvement. The authority can provide a friendly platform where end users can share their thoughts, ideas, concerns, or suggestions. Physical gatherings as well as online platforms like Slack, Discord, or Zoom can be used for these kinds of discussion forums.
References
Almarri, A.J. (May 2019) An investigation of the different risks associated with: The public Wi-Fi and Hotspots [Pdf]. Retrieved from https://bspace.buid.ac.ae/items/27029740-01d7-4bae-a6ab-9f0871ba3e9b
Atkinson, J. S. (2015). Your WiFi is leaking: inferring private user information despite encryption (Doctoral dissertation, UCL (University College London)).
Cisco Systems. (n.d.). What is a wireless access point? Cisco. Retrieved November 7, 2024, from https://www.cisco.com/c/en/us/products/wireless/what-is-a-wireless-access-point.html
Farrier, E. (2023, June 29). What is a packet sniffing attack? A cybersecurity guide. Norton. https://us.norton.com/blog/emerging-threats/packet-sniffing-attack
IEEE Standards Association. (2013). IEEE standard for information technology—Telecommunications and information exchange between systems—Local and metropolitan area networks—Specific requirements. Part 11: Wireless LAN medium access control (MAC) and physical layer (PHY) specifications (IEEE Std 802.11-2013). IEEE Xplore. Retrieved from https://ieeexplore.ieee.org/
Kaleta, J. P., & Mahadevan, L. (2020). Examining differences in perceptions of trust, privacy and risk in home and public Wi-Fi internet channels. Journal of Systems and Information Technology, 22(3), 265–287. https://doi.org/10.1108/JSIT-04-2019-0075
Karaymeh, A., Ababneh, M., Qasaimeh, M., & Al-Fayoumi, M. (2019, October). Enhancing data protection provided by VPN connections over open WiFi networks. In 2019 2nd International Conference on new Trends in Computing Sciences (ICTCS) (pp. 1-6). IEEE.
Locke, J. (2024, May 10). Private network vs public network: 5 key differences. Private Network vs Public Network | Digi International. https://www.digi.com/blog/post/private-network-vs-public
National Institute of Standards and Technology. (n.d.). Wi-Fi. Computer Security Resource Center. https://csrc.nist.gov/glossary/term/wi_fi
Peter, M., et al. (2019). Best way to protect yourself in public Wi-Fi. International Journal of Recent Technology and Engineering, 8(2), 53–54. https://doi.org/10.35940/ijrte.B1314.0882S819
Potts, J. (2014). Economics of public WiFi. Australian Journal of Telecommunications and the Digital Economy, 2(1). https://doi.org/10.7790/ajtde.v2n1.20
Sunbul. (2024, October 20). Difference between public vs private networks. RedSwitches. https://www.redswitches.com/blog/public-vs-private-networks/