Issues with Public WiFi

2 August 2023


Introduction

Many locations now offer free public WiFi. Free internet access is advertised as an added perk of using various services, including those provided by airports, hotels, and coffee shops. Being able to access free internet while on the go seems ideal to many people. The ability to access work emails and share documents online makes this very beneficial for business travelers.
However, fewer internet users may be aware of the dangers associated with using open WiFi hotspots, and the majority of those dangers are tied to Man in the Middle attacks.

"Man in the Middle"

A Man in the Middle (MitM) attack takes place when a malicious actor succeeds in intercepting the communication between two parties. Although there are many kinds of MitM attacks, one of the most frequent involves intercepting a user's request to access a website and responding with a fake webpage that appears official. Almost any website, including those for online banking, file sharing, and email services, could be targeted this way.
For instance, if Person A attempts to access her email and a hacker is able to eavesdrop on the conversation between her device and the email provider, he can launch a MitM attack and trick Person A into visiting a bogus website. If he is able to acquire her login and password, the hacker might use Person A's email to carry out more sinister deeds, including sending phishing emails to Person A's contact list.
The Man in the Middle, then, is a third party who can intercept data transferred between two parties while posing as an authorized intermediary. Typically, MitM attacks attempt to deceive users into entering their sensitive data into a false website, but they can also be used simply to intercept a private chat.

WiFi eavesdropping

One type of MitM attack is WiFi eavesdropping, in which the hacker uses a public WiFi network to observe everyone who connects to it. The data obtained may range from browsing and traffic patterns on the internet to personal information.
Usually, this is accomplished by creating a phony WiFi network with a convincing name. The name of the phony hotspot is frequently extremely similar to that of a business or store in the area. This is also known as the Evil Twin approach.
For instance, a customer might walk into a coffee shop and discover three WiFi networks with the names CoffeeShop, CoffeeShop1, and CoffeeShop2. Most likely, one of these networks belongs to a scammer.
Hackers can use this method to gather data from any connected device, giving them access to sensitive data like login credentials and credit card numbers.
WiFi eavesdropping is one of the dangers of using public networks, so it is always better to stay away from them. If you absolutely must use free WiFi, be careful to ask a staff member whether it is legitimate and safe.
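The CoffeeShop scenario above can be turned into a simple check, shown here as an added example that is not part of the original article. It compares scan results against the network details confirmed by staff and flags look-alike names and same-name access points that do not match; the scan data, function names and the 0.85 similarity threshold are all assumptions made for illustration.

```python
import re
from difflib import SequenceMatcher

# Constructed scan results (SSID, BSSID, security); not captured from a real network.
SCAN = [
    ("CoffeeShop", "aa:bb:cc:00:00:01", "WPA2"),
    ("CoffeeShop1", "de:ad:be:00:00:02", "OPEN"),
    ("CoffeeShop2", "de:ad:be:00:00:03", "OPEN"),
    ("CoffeeShop", "de:ad:be:00:00:04", "OPEN"),
    ("Library-Guest", "aa:bb:cc:00:00:09", "WPA2"),
]

def normalise(ssid):
    """Lower-case, drop separators and trailing digits: 'Coffee-Shop2' -> 'coffeeshop'."""
    return re.sub(r"\d+$", "", re.sub(r"[\s_.\-]", "", ssid.lower()))

def flag_lookalikes(scan, trusted_ssid, trusted_bssids, trusted_security, threshold=0.85):
    """Return (ssid, bssid, reason) for every network that imitates the trusted one.

    The trusted values are assumed to come from staff, as the article advises.
    BSSIDs can be forged, so a clean result is a hint, not proof of legitimacy.
    """
    base = normalise(trusted_ssid)
    known = {b.lower() for b in trusted_bssids}
    findings = []
    for ssid, bssid, security in scan:
        if ssid == trusted_ssid:
            if security != trusted_security:
                reason = "same name, different security"
            elif bssid.lower() not in known:
                reason = "same name, unknown access point"
            else:
                continue  # matches what staff confirmed
        elif SequenceMatcher(None, normalise(ssid), base).ratio() >= threshold:
            reason = "look-alike name"
        else:
            continue  # unrelated network
        findings.append((ssid, bssid, reason))
    return findings

if __name__ == "__main__":
    for finding in flag_lookalikes(SCAN, "CoffeeShop", {"aa:bb:cc:00:00:01"}, "WPA2"):
        print(finding)
```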

Network sniffing

Criminals occasionally use particular computer programs to intercept data. Legitimate IT professionals frequently use these tools, sometimes known as packet sniffers, to record digital network traffic so they can more easily find and analyze issues. These tools are also employed by private organizations to track web browsing trends.
However, cybercriminals abuse many of these packet analyzers to obtain private information and carry out illicit actions. Therefore, even if nothing appears to go wrong at first, victims may discover later that someone has stolen their identity or that their company's sensitive information was somehow disclosed.

Theft of Cookies and Session Hijacking

In a nutshell, cookies are small pieces of data that web browsers receive from websites in order to store some browsing data. They are typically kept locally (on the user's computer as text files) so that the website can recognize users when they come back.
Cookies are beneficial because they make it easier for people and the websites they visit to communicate. For instance, cookies let users log in once and not have to input their credentials again the next time they visit a specific website. Online stores may also use them to keep track of the things that customers have previously added to their shopping carts or to observe their browsing behavior.
Cookies cannot carry a keylogger or malware because they are just plain text files, so they won't harm your machine. However, cookies are frequently utilized in MitM attacks and might be risky to your privacy.
Cookies that you use to communicate with websites can be intercepted and stolen by malicious actors, who can then use that information against you. The terms "Cookie Theft" and "Session Hijacking" are frequently used interchangeably.
When a session hijacking attempt is successful, the attacker can use the victim's identity to interact with websites. This means that they can access personal emails or other websites that may contain sensitive data using the victim's active session. Because public WiFi connections are simpler to monitor and considerably more susceptible to MitM attacks, session hijacking frequently happens there.
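Whether a session cookie can be read off a monitored network depends largely on the attributes the website sets on it. The following added example (not part of the original article, and going beyond it by naming the standard Secure and HttpOnly cookie attributes) audits Set-Cookie headers for cookies that lack them; the sample headers and function names are constructed for illustration.

```python
# Constructed Set-Cookie response headers; cookie names and values are made up.
SAMPLE_HEADERS = [
    "session_id=3f9a1c; Path=/; HttpOnly",
    "auth=9d2e77; Path=/; Secure; HttpOnly; SameSite=Lax",
    "cart=item42; Path=/; Max-Age=86400",
]

def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, {lower-cased attribute: value})."""
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name, _, _value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), attrs

def audit_cookies(headers):
    """Return {cookie_name: [risk, ...]} for cookies missing protective attributes."""
    report = {}
    for header in headers:
        name, attrs = parse_set_cookie(header)
        risks = []
        if "secure" not in attrs:
            # Without Secure the browser also attaches the cookie to plain-HTTP
            # requests, where anyone monitoring the network can read it.
            risks.append("no Secure: also sent over unencrypted HTTP")
        if "httponly" not in attrs:
            risks.append("no HttpOnly: readable by scripts in the page")
        if risks:
            report[name] = risks
    return report

if __name__ == "__main__":
    for cookie, risks in audit_cookies(SAMPLE_HEADERS).items():
        print(cookie, "->", "; ".join(risks))
```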

How can you defend against MitM attacks?

  • Disable any setting that enables your device to connect automatically to WiFi networks.
  • Log out of any accounts you are not using and disable file sharing.
  • Use password-protected WiFi networks wherever possible. When there is no other choice but to use a public WiFi network, try to avoid sending or accessing sensitive information.
  • Update your antivirus software and operating system.
  • Avoid using public networks for any financial activity, including crypto exchanges.
  • Use HTTPS-encrypted websites wherever possible. However, bear in mind that some hackers use HTTPS spoofing, so this precaution is not completely foolproof.
  • It is usually advised to use a Virtual Private Network (VPN), especially if you need to access confidential or business-related data.
  • Watch out for phony WiFi networks. Do not put your trust in a WiFi network's name merely because it sounds similar to the name of a business or establishment. Ask a staff person to verify the legitimacy of the network if you are unsure. You may also inquire if you could borrow their secure network.
  • Turn off your WiFi and Bluetooth when they are not in use. Stay away from connecting to public networks unless you absolutely need to.

Final Remarks

It is crucial to educate oneself and maintain vigilance because cybercriminals are constantly looking for novel ways to obtain people's data. Here, we've covered a few of the numerous dangers that free public WiFi networks can bring. Using a password-protected connection can alleviate the majority of these threats, but it's still crucial to understand how these attacks function and how to avoid becoming their next victim.
