One time at a coffee shop, I saw a listing like this when trying to connect to its Wi-Fi network:
Seeing the generic and duplicate “Coffee Shop Wifi” networks gave me an odd feeling, so I decided not to connect. When I visited the coffee shop a few weeks later, I saw a flyer warning customers that “Coffee Shop Wifi” was a rogue access point.
What’s a rogue access point? To answer this, let’s first describe how a typical home gets Internet access.
Homes often connect to the Internet via a wired connection. Imagine that you couldn’t place a wire in your computer’s room. How else would you connect it to the Internet? You can use an access point.
Access points connect to the Internet via a wired connection but share it wirelessly with many devices like your computer. You can think of access points as translators between the languages of wireless and wired signals.
If you’re wondering why you’ve never heard of access points but have heard of routers, it’s because most routers include access points. Routers are responsible for transporting packets, not for providing wireless Internet access.
You can see what an access point looks like below. Notice the Ethernet cable in the back that connects it to the Internet and the two antennae that broadcast and receive wireless signals.
Rogue access points
A rogue access point is an access point installed on a network without the network owner’s permission. Why is this bad?
If an attacker owns the access point, they can intercept the data (e.g. PII) flowing through the network. This is why the coffee shop provided the warning to its customers; they wanted to stop an unauthorized access point on their network from intercepting users’ data.
Let’s now dive deeper into two ways rogue access points can intercept PII.
In passive interception, a rogue access point can read your data but cannot manipulate it. If you connect to a network with a rogue access point and enter your password on a site over HTTP, the rogue access point can read your password.
Passive interception can also collect a user's Internet footprint. By monitoring DNS requests and other Internet traffic, the rogue access point can profile your Internet behavior. This profile can expose private information about you such as the types of websites you visit.
In active interception, a rogue access point can also manipulate your data. It can read the incoming user data, modify that data in any way, and send the modified data on to the destination endpoint.
For example, if a user visits a banking website and tries to deposit money into an account, a rogue access point can redirect the deposit to an attacker’s account.
We should think twice before connecting to a free wireless hotspot in public locations such as coffee shops or airports. If we see something odd, we should notify the network owner.
We can also protect ourselves by using VPNs (virtual private networks) or HTTPS. VPNs and HTTPS both send a scrambled form of our data across the network. Even if rogue access points intercept it, they won’t be able to unscramble it.
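From the network owner's side, the check that sits behind a warning like the coffee shop's flyer is a comparison between what is being broadcast and what the owner actually installed. The sketch below is an added example, not part of the original article: the inventory, the scan rows, the addresses and the function names are all constructed for illustration.

```python
from collections import namedtuple

Beacon = namedtuple("Beacon", "ssid bssid security")

# Constructed inventory of what the owner actually installed (assumption).
INVENTORY = {
    "Coffee Shop Wifi": {"security": "WPA2",
                         "bssids": {"aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02"}},
}

# Constructed scan results, shaped like the output of a wireless survey.
SCAN = [
    Beacon("Coffee Shop Wifi", "aa:bb:cc:00:00:01", "WPA2"),
    Beacon("Coffee Shop Wifi", "AA-BB-CC-00-00-02", "WPA2"),
    Beacon("Coffee Shop Wifi", "de:ad:be:ef:00:99", "Open"),
    Beacon("coffee shop wifi ", "de:ad:be:ef:00:9a", "WPA2"),
    Beacon("Neighbor Net", "11:22:33:44:55:66", "WPA2"),
]

def norm_bssid(bssid):
    """Lowercase and use ':' separators so the same radio compares equal."""
    return bssid.strip().lower().replace("-", ":")

def norm_ssid(ssid):
    """Fold case and whitespace to catch look-alike network names."""
    return " ".join(ssid.split()).casefold()

def find_rogues(scan, inventory):
    """Return (bssid, ssid, reasons) for every beacon that uses an owned
    network name but does not match the owner's inventory."""
    owned = {norm_ssid(name): (name, cfg) for name, cfg in inventory.items()}
    findings = []
    for b in scan:
        match = owned.get(norm_ssid(b.ssid))
        if match is None:
            continue  # unrelated network, nothing to compare against
        name, cfg = match
        reasons = []
        if norm_bssid(b.bssid) not in cfg["bssids"]:
            reasons.append("bssid not in inventory")
        if b.security != cfg["security"]:
            reasons.append("security is %s, expected %s" % (b.security, cfg["security"]))
        if b.ssid != name:
            reasons.append("look-alike name")
        if reasons:
            findings.append((norm_bssid(b.bssid), b.ssid, reasons))
    return findings

if __name__ == "__main__":
    for bssid, ssid, reasons in find_rogues(SCAN, INVENTORY):
        print("%s %r: %s" % (bssid, ssid, "; ".join(reasons)))
```

A clean result only means the obvious signs are absent: the address an access point advertises can be set to any value, so a match against the inventory is not proof that the device is the owner's.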