W Christian Consulting

What could you be doing better?

SSID Spoofing and Forgetting Networks

I just left a conference with several thousand people and feel prompted to share a simple practice to protect your devices.

In our hyper-connected world, whether you need to use a laptop or your phone has no signal, it’s common to connect to public WiFi access points. However, without proper network hygiene, you could be exposing yourself to vulnerabilities long after you disconnect.

SSID Spoofing 101

SSID Spoofing, or Network Spoofing, is a cyber attack in which a malicious actor creates a network with a name or Service Set Identifier (SSID) that mimics that of a legitimate network “known” to your device. Consequently, your device connects to that network and potentially exposes your traffic to the malicious actor.

Devices are vulnerable to SSID Spoofing because they readily connect to known networks and are constantly looking for them.  It’s a feature, not a bug. This is why your phone connects to the wifi network when you arrive home or when you go to a friend’s home.  The danger comes because your phone doesn’t generally know that your friend’s network should only be seen at your friend’s home.  So, it will gladly connect when you’re out and it sees what it thinks is a known network.  As I mentioned above, though, that exposes all of your traffic to ne’er-do-wells.

Total Isolation

To keep your device safe from SSID Spoofing, you should never connect to a wifi network.  Of course, that’s not practical.

Connect Wisely

A step up from total isolation is to limit the wifi networks to which your phone or computer connects.  Obviously, you’re going to connect to your home network.  However, you should think twice before you connect to other networks, including friends’ networks.  Should you be able to see this network, say a hotel network, where you are?  Is the network name spelled correctly?

When you’re in the mall or on a train, do you really need wifi access?  Even if you’re working at a coffee shop, note that many services offer “offline access” for editing documents.  Ultimately, is the boost to broadband speed over your LTE or 5G worth it?  Maybe TikTok can wait.

Personally, I almost never connect my phone to public wifi.  Unless I have no cellular signal, the cellular speeds are usually fast enough for whatever I’m doing.  Everything else can indeed wait.

Don’t Connect Automatically

If you do decide to connect to a public network, tell your device to not connect automatically.  Similarly, you can tell your device to not remember the network.  In either case, if you find yourself in the vicinity of the known network, it won’t connect on its own.  Yeah, that’s a little cumbersome, but it gives you control over when and where you connect.

Forget the Network

Lastly, if you’ve connected to a public network, be sure to “Forget the Network” before you leave.  That is, you should manually go to your wifi settings and tell your phone to disconnect and forget the network.  Your phone will completely forget that it ever connected to the network and will never connect again unless you tell it to.

With iPhones, you have to do this before you leave because there’s no (easy) way to see what networks your phone remembers unless they are in sight.
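
On a Linux laptop, the two habits above can be checked by auditing saved profiles for open networks that still join automatically. This is an added example, not part of the original post; it assumes NetworkManager keyfile profiles, and the sample profiles and function names are constructed for illustration.

```python
import configparser

# Constructed sample profiles in NetworkManager keyfile format (not real data).
SAMPLES = [
    "[connection]\nid=Home\ntype=wifi\n[wifi]\nssid=Home\n"
    "[wifi-security]\nkey-mgmt=wpa-psk\n",
    "[connection]\nid=ConferenceWiFi\ntype=wifi\n[wifi]\nssid=ConferenceWiFi\n",
    "[connection]\nid=Hotel Guest\ntype=wifi\nautoconnect=false\n"
    "[wifi]\nssid=72;111;116;101;108;\n",
    "[connection]\nid=Office VPN\ntype=vpn\n",
]


def decode_ssid(raw):
    """Return the SSID as text; older profiles store it as 'b1;b2;...;' bytes."""
    parts = raw.rstrip(";").split(";")
    if len(parts) > 1 and all(p.isdigit() and int(p) < 256 for p in parts):
        return bytes(int(p) for p in parts).decode("utf-8", "replace")
    return raw


def audit_profile(text):
    """Return (ssid, finding) for a saved Wi-Fi profile, None for other types."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    if cp.get("connection", "type", fallback="") != "wifi":
        return None
    ssid = decode_ssid(cp.get("wifi", "ssid", fallback=""))
    # NetworkManager treats a missing autoconnect key as true.
    auto = cp.getboolean("connection", "autoconnect", fallback=True)
    # No key-mgmt setting means the profile is for an open network.
    is_open = not cp.has_option("wifi-security", "key-mgmt")
    if not auto:
        return ssid, "manual"
    return ssid, "open+autoconnect" if is_open else "secured+autoconnect"


def forget_candidates(profiles):
    """SSIDs the device will silently rejoin with nothing but the name to match."""
    results = [audit_profile(p) for p in profiles]
    return [r[0] for r in results if r and r[1] == "open+autoconnect"]


if __name__ == "__main__":
    for profile in SAMPLES:
        print(audit_profile(profile))
    print("Forget or set to manual:", forget_candidates(SAMPLES))
```

On a real machine the profiles live in `/etc/NetworkManager/system-connections/` and need root to read. `nmcli connection delete <name>` forgets a profile, and `nmcli connection modify <name> connection.autoconnect no` keeps it but stops automatic joins.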

Conclusion

Unfortunately, like many network vulnerabilities, SSID Spoofing is very easy to do.  Other versions include setting up networks with the same name as and in the same physical proximity of legitimate networks, and setting up networks with a similar name to legitimate networks.  Honestly, there’s very little the average user can do to protect against these threats except total isolation.

However, with a little network hygiene, you can keep yourself reasonably protected.  By connecting wisely and forgetting networks, you can protect yourself from inadvertently walking into a hacker’s trap.
