Why you should disable WiFi on your device when you leave home or work!

man-in-the-middle-attack

Disable WiFi when you leave home or work? You may think that there is no risk of having WiFi enabled on your smartphone at any time, but it’s not always the case.

Wireless devices that are not networked, constantly strive to connect to a wireless network via WiFi. The unit does this either through “passive” listening – which the device listens for network broadcasts themselves, or “active” search – where the device sends out requests to find a network to connect to.

Most devices nowadays use both active and passive search in an attempt to connect to known or preferred networks, eg home, work and your favourite cafes network. When a smartphone is listening actively, it will in most cases send the name of your favorite networks, also known as SSID – Service Set Identifier.

What is SSID?

SSID is mentioned short for Service Set Identifier, and and are often called network name – and that is precisely what it is. Each wireless network has its own unique network name and the wireless network devices that you want to associate with a wireless network, must match the access point. The access point and wireless network devices regularly send wireless packets that contain SSID information.

When your smartphone or another wireless network device receives such a packet from the network device, you can identify the wireless network.

SSID is considered a security weakness because the network name can be revealed in plaintext through a packet sent from the access point to the wireless device. Most access points is broadcasting it’s SSID, but many network administrators turn this function off. A hacker can still get information about the network name through sending network packets.

If a hacker knows the network or networks you normally connect to, they can collect enough information to find out where you live, work and drink your morning coffee.

Even worse; an attacker could set up a fake Wi-Fi network with the same SSID as the one you usually connect. The phone will recognize the false SSID’en as a known network and will connect and transfer data through this network.

If a unauthorized hacker get knowledge that you connect to the network “LinkXHomeHub” or similar, this might enable a so-called “man-in-the-middle” attack, where data sent between the device and the access point or between multiple devices using the access point to be captured by a mediator. From the user’s standpoint, it is impossible to discover that a third person intercepts information sent between two devices.

How a “Man-in-the-middle” attacks:

man in the middle attacks

1.A attacker places himself close to both the wireless device (smartphone or laptop) and access point (server or router). The attacker gives the impression that it is safe for your wireless device to connect to the fake network.

2.Your wireless device connects to the hackers network that behaves as a legit network between the real network and your wireless device.

3.The hacker “man in the middle” snap up all the information sent and received, and transmits this data to the real network.

4.As a result of this, the attacker can read and change the information. In the worst case sensitive data transmitted in the network might be stolen and misused. The attacker could also place malicious software (malware) on the user’s device.

Such an attack can be done even without knowing your WiFi password – and can be very critical they all those who use mobile banking. What is worrying with such attacks, is how easy it is to capture sensitive information and other information that you do not want to get out.

Using a small cheap wireless router, and some free software is all the hacker needs. You do not need any in-depth knowledge about networks or 802.1 protocols to perform a “man-in-the-middle” attack. The router can be hidden under a park bench or maybe in a potted plant inside a shopping mall or coffee shop.

How to avoid this?

Unfortunately there is no way to disable “active” search for networks on either Android phones or iPhone. You should go through the networks stored on your device and remove the ones you no longer use.

If you have WiFi enabled at all times, there is a significant security risk, because smartphones will automatically connect to open networks. Within seconds, an attacker could either obtain sensitive information, or inject malicious software on your device.

There are applications available, using location data to determine where you are (eg at work or at home) – that will enable / disable the wireless network automatically.

The best tip is to disable WiFi when not needed…….