WiFi is convenient.  You can connect your device in a matter of seconds, easily move around free of cable clutter, and you can get your device to automatically connect to a network whenever it’s within reach after the initial log-in.

With many countries seeing access to the internet as a human right – or a means of exercising human rights – public WiFi is on the rise.  454 million public WiFi hotspots were registered in 2020, and the number is projected to grow to 549 million by 2022.

As encouraging as it is that an increasing number of people are able to take advantage of free internet, an alarmingly large number of them do not fully comprehend, are aware of, or care about the danger of using public hotspots.  Research has found that as much as 60% of people log into their personal email accounts when using public WiFi.  25% log into their work emails.  Finally, 25% see no problem with viewing their financial data online when using public WiFi.

As an organization – whether you are a government body, a healthcare provider, an educational institution, or a private corporation – you must take WiFi and its users’ possibly irresponsible behavior into consideration when setting up layers of cybersecurity in order to protect your data.

How WiFi cyberattacks work

As far as public WiFi connections go, it doesn’t take much to use them for malicious purposes.  Oftentimes, data transmitted through such connections is not encrypted, allowing hackers to “listen” to its transmission.  Rogue hotspots can be set up to look like legitimate public hotspots, tricking users into connecting and compromising their data.

Now, most organizations set up a private WiFi network for their employees to connect to.  They set up long passwords, perhaps even change these passwords regularly, and believe that’s sufficient.  It’s not.

Types of WiFi cyberattacks

Rogue access point

A rogue access point is an access point that’s installed on a network without the permission of the network’s owner or its administrator.  When your employees connect to a rogue access point, they unknowingly compromise the safety of not only their data but your entire organization as many attackers will try to use a single device to expand their access to the entire network.

Evil twinning

Similar to the rogue access point, this type of WiFi cyberattack tries to trick people into connecting to it.  In this case, they set up a hotspot that sounds legitimate – e.g. Department of Labor WiFi 1.  Once again, connecting to the ‘evil twin’ hotspot puts the security of data at serious risk by giving attackers a point of access.

Packet sniffing

Data is transmitted via WiFi in the form of packets.  Hackers try to capture these packets while they are being transmitted.

Denial of Service (DoS) and Distributed Denial of Service (DDoS)

The goal of DoS attacks is to overwhelm a network, disrupting its operation and limiting the intended users’ access to it.  Since WiFi networks operate via radio waves, cyberattackers are able to send an interfering transmission that can overwhelm the network.

A DDoS attack is a DoS attack on a larger scale with multiple disruption sources getting activated at the same time.  The goal of the attack is to disrupt the entire system.

Steps to take to protect your data from WiFi attacks

Everything begins with employee training.  60% of breaches can be linked back to human errors.  Educate your employees on the most common types of cyberattacks, how they can spot suspicious activities, and how to change their daily habits to minimize the risk of compromising the security of data.

Switch to WPA3 if you haven’t already.  It’s the third generation security protocol that offers stronger security features, including 192-bit encryption and its mandated use of Protected Management Frames.

Create a separate network for guest users.  Keep your private WiFi network separate from the one you make publicly available.

Keep your hardware and software up to date.  Updates are typically introduced for one of the two reasons: 1) improved/new features; 2) patches to identified vulnerabilities.

Regularly run access point scans to identify and eliminate such unauthorized connections.

Develop either a strong BYOD policy or purchase a BYOD management solution (or both).

Invest in Wireless Intrusion Prevention sensors.  They will monitor your organization’s airspace and network for rogue or misconfigured devices and will deploy real-time intrusion prevention measures.

Finally, regularly run vulnerability scans to help identify vulnerabilities in the network that a hacker may potentially employ, which can include scanning the access points themselves for misconfigurations.