February 03, 2015
Defend Your Data From These Four Network Villains
You open your laptop and connect to the “Free WiFi” access point, no password required. Just connect and browse. Convenient, but definitely not secure. When it comes to network security, there are (at least) four villains out there that threaten your data: an evil twin, a local snoop, a remote attacker, and a traffic interceptor. Each villain attacks a different part of the network, so you’ll need a different tactic to fend off each attack. Let’s review!
The evil twin
A WiFi access point named “Free Hotel WiFi” might not be provided by the hotel. Anyone can create a WiFi access point with that name. It may be very difficult to identify the difference—hence the name for this type of attack.
The evil twin access point looks legitimate, but isn’t. When you connect your device to an evil twin, the attacker may access all the data that travels through the access point.
Never connect to an access point you don’t control. Your WiFi network at work is likely safe: your tech team manages and monitors the WiFi environment. Elsewhere, tether your devices: create your own WiFi hotspot connection from your phone (here’s how to do this from an Android or Apple phone). Or, connect directly to your mobile data provider’s network—for example, with an iPad that connects to an LTE network. A villain can create an evil twin cell tower, but that’s more difficult to do than to an evil twin WiFi access point.
The local snoop
When you connect to a WiFi access point that doesn’t require a passcode, the traffic between your device and the access point won’t be encrypted. Your usernames and passwords might be intercepted and viewed by a snoop scanning local WiFi traffic.
To guard against the local snoop, only connect to a WiFi access point that requires a passcode. The passcode encrypts the traffic between your device and the access point, and makes it more difficult for a local snoop to access your data. (Configure your home access point to use WPA2 encryption. Your organization also likely uses WPA2, but does so as part of an authentication system.)
A virtual private network (VPN) also protects against a local snoop. A VPN connection encrypts traffic from your system to a system elsewhere—from your computer to a server at your company, for example. A local snoop would need to decrypt the data to access it.
The remote attacker
A firewall protects your system from a remote attacker. Most organizations manage firewall settings in at least two places: one firewall that protects the organization’s internet connection, and additional firewall settings on each individual Windows or Mac system. These settings are typically managed by your system administrator.
Enable the firewall on your home Mac or Windows system. Proper firewall settings may prevent unintentional file-sharing and access. If you use a WiFi router, check your manufacturer’s instructions to access the administrative settings. Update the router’s firmware, and verify that the router firewall is on. Most routers enable the firewall by default.
The traffic interceptor
As you browse the web, your browser connects to servers all over the internet—and your data may travel many different routes. A traffic interceptor may access all of this data.
Encrypt your connection to protect your data in transit. Many sites do this by default. For example, if you type http://google.com to connect to Google, you’ll notice that the link automatically redirects to https://google.com. The “https” indicates that traffic between your browser and Google’s servers is encrypted. You’ll also see a green lock (in most browsers) to indicate the connection is secure. Type https:// instead of http:// to connect to a site securely. (There’s a plug-in that will do this for you automatically if you use Chrome or Firefox.) Unfortunately, not all sites support a secure connection.
Four… plus one
Follow these practices and you’ll protect your system from four different attacks on your data. Of course, you should backup your data, as well. That way, even if an attack succeeds, you can move to a different network—and a different device—and resume work.
Don’t let an an evil twin, a local snoop, a remote attacker, or a traffic interceptor ruin your data. Protect your systems and backup your data today.