3 min read

Don't Play the Attacker's Game, Use a VPN on Public Wi-Fi

Silviu STAHIE

November 25, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Don't Play the Attacker's Game, Use a VPN on Public Wi-Fi

A VPN solution could be all that stands between your data and a determined criminal. The scenarios in which a VPN makes all the difference are not always transparent to regular users. People would use it much more often if they only knew what they expose themselves to every single day.

The need for a VPN (virtual private network) is a simple one, for the most part. It's one of the safest ways to connect to another place on the internet in a way that makes it very difficult for anyone to intercept the traffic.

The traffic itself might seem worthless at first glance. After all, what can an attacker do after intercepting a Google search, for example? In reality, we're sending and receiving a lot of precious data. We use credentials to log in to services. We enter credit card details on shopping websites, we upload files to the cloud, and much more. Any of this could be of value to a cybercriminal.

Just the possibility of someone intercepting our traffic should be enough to keep us on guard, but how can we know that we're exposed or that we can fall victim?

Public Wi-Fis, the hidden danger of free internet

How often do we connect to a free Internet hotspot because it's cheap or convenient? Whether we're out for a coffee, working on a project, or simply walking about, we find ourselves in need of an internet connection. Lo and behold, there's free Wi-Fi in the area.

The trappings of a free Wi-Fi network are all too familiar to security experts, but people seem to welcome them with open arms. Users don't often consider that criminals can set up a Wi-Fi network to steal data using free internet as bait.

Not only is it possible, but it has also been done. Until billions of websites make significant changes, it will remain a problem. The only solution until then is a VPN.

SSL stripping is the way

Let's take an example of a common situation that can happen to anyone to show why we should use VPN solutions when connecting to the internet: an attacker sets up a Wi-Fi network that he completely controls. A user connects to the Wi-Fi and starts browsing a website, looking to buy something. Usually, the connection between the user and the website is encrypted, so even if the attacker gets that data, he can do nothing with it.

The attacker forces the user to connect to the internet through a proxy server he controls. The connection between the user and the attacker's proxy is not encrypted, but the connection between the website and the proxy is. As far as the website is concerned, this is a legitimate connection.

This is where the attacker's magic happens. The proxy forces the user to downgrade to an unencrypted version of the website, which means all the data the victim now sends is in plain text. And that includes passwords, usernames and credit card numbers. Everything is laid bare. Unless the user is paying attention and sees that the usual lock icon is no longer present, there's no difference between the two websites.

The solution

Ideally, all websites communicate in an encrypted manner with the users accessing them. However, many of them don't enforce it, and oftentimes the initial handshake happens through unencrypted channels before the switch to encryption. Simply put, it will take a long time for the practice of SSL stripping to become ineffective.

Until then, users have two options. Completely avoid public Wi-Fi or use Bitdefender Premium VPN. The user connects remotely to a secure server, and the traffic is encrypted. Even if the attacker somehow manages to go through with the SSL stripping process, the connection between the user and the VPN remains encrypted, so any data he might capture will be worthless.

Online security is something that most people take very seriously when working from the comfort of their own homes or office. Why not do the same when connecting to unsafe public networks?

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Meta Pays Out Bounties for Account Takeover and Two-Factor Authentication Bypass Exploits Meta Pays Out Bounties for Account Takeover and Two-Factor Authentication Bypass Exploits
Silviu STAHIE

January 31, 2023

1 min read
Hackers steal 10 million customer details from JD Sports Hackers steal 10 million customer details from JD Sports
Graham CLULEY

January 30, 2023

2 min read
North Korean Hackers Tried to Launder $100 Million in Crypto Stolen in 2022 North Korean Hackers Tried to Launder $100 Million in Crypto Stolen in 2022
Silviu STAHIE

January 25, 2023

1 min read