THE ADVENTURES OF BILLY

Comprehensible Information Security…

Rogue Networks

Billy’s Adventures:

What is a Rogue Network?

Wi-Fi hotspot are a useful way of accessing the internet with wireless devices and can be found in homes, workplaces, and public areas. However not all Wi-Fi networks are secure, and there are ways they can be used by attackers to get hold of your data. 

Rogue Access Points

Cybercriminals can set up their own public Wi-Fi network to try and get victims to connect. After connecting their laptop to the internet, they then create a hotspot calling it something like 'free_wifi'. Once the victim connects they are effectively connected to the attacker's computer and all the data you send and receive can be captured. 

Sniffing

Sniffing is a way by which attackers capture a victim's data as it is sent over a Wi-Fi network. This can allow them to steal login details and sensitive information to then be used to commit offences against them. Every time you open an app on your phone login details are sent across the network and can be intercepted. 

What harm can a rogue access point do?

Rogue access points and their clients undermine the security of an enterprise network by potentially allowing unchallenged access to the network by any wireless user or client in the physical vicinity. Rogue access points can also interfere with the operation of an enterprise network. Rogue access points can do the following damage: 

​

  • Allow a hacker to conduct a man-in-the-middle attack. The attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.

​

  • Send fake SSIDs (Wi-Fi name) advertising attractive features such as free Internet connectivity. Once a user connects, the fake SSID is added to the client’s wireless configuration and the client begins to broadcast the fake SSID, thereby infecting other clients.

Public Wi-Fi

When using public Wi-Fi, it is good practice to restrict browsing to websites that do not require login credentials, and not to use the network for accessing sensitive data. 3G mobile connections, for instance, can be typically considered much safer than public Wi-Fi. 

Detection

Reasons to suspect a WiFi access point:

  • Multiple access points in the same location with the same name. One of them is likely to be rogue.   
  •  
  • • Likely to be unencrypted, exposing your data. A legitimate acces point will encrypt and protect your data.      

Protection

If you have no other choice but to use a unsecured network then be sure to use a Virtual Private Network (VPN)

​

Running a VPN ensures that any data is sent through an encrypted tunnel that cannot be easily snooped upon by malicious parties.