Most people think that hackers are neckbeards that sit in a dark cellar and try to break into the Pentagon. But in reality, anyone can be a hacker. Any teen can download a suite of scripts from some forum and try to get access to someone else’s information.
And there are no cellars involved either. Hackers usually prey in cafes, in hostels, on buses or planes — anywhere there’s an open WiFi hotspot and people who are constantly using it. So let’s figure out how hackers actually operate and how you can protect against their attacks.
IMPORTANT. All attacks described here are illegal and actively prosecuted.
Timmy has a laptop, some leisure time and a desire to do something with it. So he goes to the nearest cafe, turns his laptop on, connects to the open WiFi spot and waits till something happens. For example, until Michael — another visitor of the cafe — logs into his blog.
At that moment, the server that hosts the blog sends a cookie file to Michael’s laptop. It is needed to identify Michael’s browser and stop demanding his password on every page. But since the WiFi is open, Timmy’s laptop intercepts the cookie file and copies it. Later, the hacker will be able to access the website without a password, since the website will think that the cookie is still used by Michael.
That is called sniffing, since Timmy’s laptop sniffs the cookie files out of the other traffic.
Man in the middle
Timmy still has his laptop and leisure time, but there are no open WiFi spots around. But Timmy has a 3G modem with a WiFi router. So he goes to a cafe with a secure WiFi hotspot and transforms his laptop into another hotspot, with the same name and password. Later, Michael accidentally connects to the fake hotspot. Now all of Michael’s traffic is going through Timmy’s laptop, and Timmy can easily find all of Michael’s logins, passwords and even financial info.
That is called a Man in the Middle attack. The name refers to a third party that is a part of a transaction, but remains unknown to both the sender and the receiver. In this case, the Man in the Middle is Timmy’s laptop.
There are two ways to execute this attack.
- Passive MitM. In this case, the attacker simply reads all the data and transmits them to the receiver unmodified.
- Active MitM. The data is still read and saved, but now it is also modified. For example, virus-like scripts are added to the web pages. Or the software update packages are replaced with viruses. Later, the virus will take over the infected device and the hacker will get all the information on it.
A Man in the Middle is pretty advanced for a homegrown hacker. But if Michael’s website uses HTTPS, then Timmy has no use for his traffic — it is encrypted by a 256-bit key, which Timmy will be cracking until the joint release of Half-Life 3 and Dreams of Spring. So he decides to bypass the encryption and make Michael give him the login and password directly.
To do this, he creates on his laptop, which will once again act as a hotspot, a direct copy of Michael’s login page. Then, he creates a redirection. Now when Michael accesses his blog, he doesn’t get to his login page — he gets to the page Timmy made. There he enters his login and password, receives a message that his blog is unavailable right now due to some maintenance at the hosting, shrugs and goes off to do something else. And Timmy gets to keep the password.
Also, if Timmy’s attack is really well engineered, then the fake page will actually transmit Michael’s data to the real one and send him to his intended destination. But the login and password will be stolen anyway.
That’s called phishing, due to Timmy baiting people, who do not pay attention to the URLs or hotspot names, with the fake website pages. Of course, some people will notice the wrong URL and close the tab ASAP, but some won’t — and that’s enough for Timmy.
Why hackers collect passwords
If a hacker gets access to your blog or Facebook page, they will write a swear word on it. Or delete it. Or maybe even upload some banned materials to it and send a link to your local law enforcement.
If a hacker accesses your financial data, it’s even worse. But the exact damage done depends on the type of the attack. Sniffing rarely gets them enough data to access your bank account, but now that they know which bank you are using, they can prepare a phishing page. And with it, they will get the rest of the data and the access to your money.
Overall, the destructive potential of any given hacker is limited only by their imagination.
How to protect against hackers
- Do not use public WiFi. If you need internet outside of your house — get a mobile plan with 3G or 4G and use your phone as a hotspot. Or even buy a portable modem with embedded WiFi in order to spare your phone’s battery.
- Do not go to suspicious websites. If your browser warns you that the page is unreliable or unprotected — do not access it. Most likely, it’s a phishing page.
- Don’t forget to log off on all devices. Some websites offer an option to log off on all devices. This invalidates all already issued cookies and forbids hackers from using them to bypass the login screen. So if you are accessing a website from an open hotspot — don’t forget to use this option.
- Check whether your software updates are legit. A talented hacker can easily send a fake update signal to your Adobe Flash or Java plugin. But instead of a new software version, it will contain a virus that will hijack your PC. So, before you install something, check where it came from.
- The best option is using only the software from the official store. It’s nearly impossible to send a fake update from Windows Store, App Store or Google Play.
- Use a VPN. A VPN is a relay server. All connections between the VPN and your device are encrypted — including the URLs you are accessing. It’s a great protection from sniffing and phishing pages. A free VPN is available in the Opera browser.
- Install an antivirus. If your device is powerful enough — install antivirus software. It can even be a free Avast Suite. This will supplement Windows Defender and stop hackers from using virus attacks. Even on your phone, you must have an antivirus.
- Do not use the same password elsewhere. When a hacker gets access to the password, he gets access to everything protected by it. So use unique passwords for everything — this way you will be able to minimize the damage if you are ever hacked.
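Why the "log off on all devices" advice works against a copied cookie, as a small model of the cookie mechanism from the sniffing story. This is an added example, not code from any real website; the `SessionStore` class and the user names are made up for illustration.

```python
import secrets


class SessionStore:
    """Hypothetical server-side session table: cookie value -> user name."""

    def __init__(self):
        self._sessions = {}

    def log_in(self, user):
        # After a successful password check (omitted here) the server
        # issues a random cookie value and remembers who it belongs to.
        token = secrets.token_urlsafe(32)
        self._sessions[token] = user
        return token

    def who_is(self, cookie):
        # Whoever presents a known cookie is treated as that user; the
        # server cannot tell the original browser from a copy.
        return self._sessions.get(cookie)

    def log_out(self, cookie):
        # Ordinary log-out: ends only the session that presents this cookie.
        self._sessions.pop(cookie, None)

    def log_out_everywhere(self, user):
        # "Log off on all devices": drop every session this user has.
        doomed = [t for t, u in self._sessions.items() if u == user]
        for token in doomed:
            del self._sessions[token]
        return len(doomed)


def demo():
    store = SessionStore()
    cafe_cookie = store.log_in("michael")   # laptop on the open hotspot
    home_cookie = store.log_in("michael")   # Michael's second device
    anna_cookie = store.log_in("anna")      # unrelated user
    copied = cafe_cookie                    # the value a sniffer would hold

    store.log_out(home_cookie)              # logging out at home only
    after_single = store.who_is(copied)     # the copy is still accepted
    revoked = store.log_out_everywhere("michael")
    return {
        "after_single_logout": after_single,
        "revoked": revoked,
        "copy_after": store.who_is(copied),
        "anna_after": store.who_is(anna_cookie),
    }


if __name__ == "__main__":
    print(demo())
```

Logging out on one device leaves the cookie issued at the cafe valid; only the account-wide log-off removes it, and other users are not affected.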
Mass attacks using public WiFi are probably the most dangerous ones. They require minimal preparation and guarantee a hacker a lot of leeway. Of course, targeted attacks on someone are much more sophisticated, but at the same time they require a lot of time and skill, and are a lot more risky. Most of us are not interesting enough for hackers to employ them.
So follow those rules, be vigilant and don’t be afraid to seem paranoid. And if you have any questions — leave them in the comments!