20 Aralık 2017

Wi-Fi HotSpot technology, which allows free access to the Internet in the public domain, is put in service in many locations such as shopping malls, hotels, cafeterias and airports. While providing users with Internet access anywhere at any time, HotSpots expose users to security vulnerabilities as well. According to the Wi-Fi Risk report published by Norton in June 2016, 22% of the clients used banking applications, 56% visited their social media accounts, 38% shared photos or videos, and 58% accessed their email accounts on public Wi-Fi networks. [1] Experts have been emphasizing that the applications which involve such sensitive information must not be used on free Wi-Fi networks.

Generally, HotSpots are not seen as secure networks because of the risks of not implementing a strong encryption protocol or connecting to a fake HotSpot network. The WEP protocol, (Wireless Encryption Protocol) which was revealed to have vulnerabilities and to be broken very easily, is an old algorithm used in wireless networks. The WPA/WPA2(Wi-Fi Protected Access) protocol, which was developped to replace the WEP, has some vulnerabilities as well. The KRACK attack, which was launched last October and targeted all WPA2-based Wi-Fi networks no matter what device or platform, can also target the security of HotSpot networks.

The KRACK attack targets the 4-way handshake feature of the WPA2 protocol. Whenever the user connects to a Wi-Fi HotSpot network, the authentication protocol called four-way handshake steps in between the mobile device and the access point. This protocol manages security processes such as checking if the password sent by the user is correct or not, producing the key which is necessary to provide encrypted communication between the device and the access point. The encryption key produced by the WPA2 standard is produced individually, without being allowed to be reused. However the KRACK allows the victim to use an encryption key which was already used before in a similar manner to the method applied during the replay attack of the attacker who manipulates the handshake process. In this way, the encryption key can be reused and messages can be obtained. Considering the fact that most of the Wi-Fi networks use the WPA2 as their encryption algorithm nowadays, these networks need to be protected against the KRACK attack and the required updates ought to be applied.

Another security risk that is seen on HotSpot networks is the fake HotSpot networks which are created by attackers and which provide access to the sensitive information of users who get connected. This fake network gives the attacker the opportunity to perform the Man in the Middle Attack (MITM) which allows to monitor the traffic between the user and the server, to add something to data or change data.


The usage of processes which require sensitive information are not recommended on HotSpot networks. In case the usage of risky applications such as online banking or e-commerce is imperative, it is of crucial importance to execute the transaction via VPN. Using VPN is also highly recommended when employees need to get access to the ressources and applications of the company. Besides, attention must be paid to the connected websites if they use the SSL protocol or not. Preventing the device from automatically joining to Wi-Fi Hotspots when available is also another precaution to take.


[1] https://us.norton.com/internetsecurity-privacy-public-wi-fi-is-not-as-safe-as-you-think.html