One time at a coffee shop, I saw a listing like this when trying to connect to its Wi-Fi network:
Seeing the generic and duplicate “Coffee Shop Wifi” networks gave me an odd feeling, so I decided not to connect. When I visited the coffee shop a few weeks later, I saw a flyer warning customers that “Coffee Shop Wifi” was a rogue access point.
What’s a rogue access point? To answer this, let’s first describe how a typical home gets Internet access.
Homes often connect to the Internet via a wired connection. Imagine that you couldn’t place a wire in your computer’s room. How else would you connect it to the Internet? You can use an access point.
Access points connect to the Internet via a wired connection but share it wirelessly with many devices like your computer. You can think of access points as translators between the languages of wireless and wired signals.
If you’re wondering why you’ve never heard of access points but have heard of routers, it’s because most routers include access points. Routers are responsible for transporting packets, not for providing wireless Internet access.
You can see what an access point looks like below. Notice the Ethernet cable in the back that connects it to the Internet and the two antennae that broadcast and receive wireless signals.
Rogue access points
A rogue access point is an access point installed on a network without the network owner’s permission. Why is this bad?
If an attacker owns the access point, they can intercept the data (e.g. personally identifiable information, or PII) flowing through the network. This is why the coffee shop provided the warning to its customers; it wanted to stop an unauthorized access point on its network from intercepting users’ data.
Let’s now dive deeper into two ways rogue access points can intercept PII.
In passive interception, a rogue access point can read your data but cannot manipulate it. If you connect to a network with a rogue access point and enter your password on a site over HTTP, the rogue access point can read your password.
Passive interception can also collect a user's Internet footprint. By monitoring DNS requests and other Internet traffic, the rogue access point can profile your Internet behavior. This profile can expose private information about you such as the types of websites you visit.
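To make the two passive cases concrete, here is an added example (it is not code from the Khan Academy article) written from the defender's side: a check that flags credentials leaving a device in cleartext HTTP, the same check applied to an opaque TLS record, and a tally of what a DNS query log alone reveals about browsing. All traffic, host names, and log lines are constructed for the example.

```python
"""Added example (not from the article): what a passive on-path observer
can read. The traffic below is constructed, not a real capture. The checks
are the kind a defender runs over their own traffic: find credentials that
leave the device in cleartext HTTP, and see the browsing profile that DNS
queries alone reveal."""
from collections import Counter
from urllib.parse import parse_qs

# Constructed cleartext HTTP login, byte-for-byte as it crosses the Wi-Fi.
HTTP_LOGIN = (
    b"POST /login HTTP/1.1\r\n"
    b"Host: example-shop.test\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 36\r\n"
    b"\r\n"
    b"username=alice&password=hunter2-demo"
)

# Constructed stand-in for the same login over HTTPS: a TLS application-data
# record header followed by 16 bytes of opaque ciphertext.
TLS_RECORD = b"\x17\x03\x03\x00\x10" + bytes.fromhex("8f1c2a77e0b94d6a3c5e11f2b7d08a4c")

HTTP_METHODS = (b"GET ", b"POST ", b"PUT ", b"DELETE ", b"HEAD ")
SENSITIVE_FIELDS = {"password", "passwd", "pass", "pin", "cardnumber", "ssn"}


def parse_http_request(raw: bytes):
    """Return (method, path, headers, body) for a cleartext HTTP request,
    or None if the bytes are not readable HTTP (e.g. a TLS record)."""
    if not raw.startswith(HTTP_METHODS):
        return None
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    method, path, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, path, headers, body


def exposed_credentials(raw: bytes) -> dict:
    """Sensitive form fields an on-path observer can read verbatim; {} if none."""
    parsed = parse_http_request(raw)
    if parsed is None:
        return {}
    _method, _path, headers, body = parsed
    if "application/x-www-form-urlencoded" not in headers.get("content-type", ""):
        return {}
    form = parse_qs(body.decode("latin-1"))
    return {k: v[0] for k, v in form.items() if k.lower() in SENSITIVE_FIELDS}


# Constructed DNS query log: "<time> <client> <queried name>" per line.
DNS_LOG = """\
12:01:03 10.0.0.7 www.example-news.test.
12:01:09 10.0.0.7 cdn.example-news.test.
12:02:41 10.0.0.7 mail.example-webmail.test.
12:05:17 10.0.0.7 www.example-bank.test.
12:05:18 10.0.0.7 api.example-bank.test.
12:05:20 10.0.0.7 www.example-bank.test.
""".splitlines()


def browsing_profile(log_lines) -> dict:
    """Count queries per site (last two labels): the profile DNS alone reveals,
    even when every page itself is fetched over HTTPS."""
    sites = Counter()
    for line in log_lines:
        _time, _client, qname = line.split()
        labels = qname.rstrip(".").split(".")
        sites[".".join(labels[-2:])] += 1
    return dict(sites)


if __name__ == "__main__":
    print("cleartext HTTP exposes:", exposed_credentials(HTTP_LOGIN))
    print("HTTPS record exposes:", exposed_credentials(TLS_RECORD))
    print("DNS profile:", browsing_profile(DNS_LOG))
```

The contrast is the point: the HTTP request yields the password field verbatim, the TLS record yields nothing, and the DNS log still tells an observer which sites were visited and how often, which is why the article treats footprint collection as a separate risk from password theft.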
In active interception, a rogue access point can also manipulate your data. It can read the incoming user data, modify it however it wants, and send the modified data on to the destination endpoint.
For example, if a user visits a banking website and tries to deposit money into an account, a rogue access point can redirect the deposit to an attacker’s account.
We should think twice before connecting to a free wireless hotspot in public locations such as coffee shops or airports. If we see something odd, we should notify the network owner.
We can also protect ourselves by using VPNs (virtual private networks) or HTTPS. VPNs and HTTPS both send an encrypted (scrambled) form of our data across the network. Even if a rogue access point intercepts it, it won’t be able to unscramble it.
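The following added example (not code from the article) shows in one place why encryption defeats both kinds of interception described above: the deposit from the banking scenario is sent through a toy authenticated channel built only from the Python standard library, so an on-path device sees no field names (passive case) and any alteration of the bytes is rejected by the receiver (active case). The channel, the session key, and the account numbers are all constructed for the example; real HTTPS and VPNs use vetted ciphers such as AES-GCM or ChaCha20-Poly1305 and negotiate the key per session.

```python
"""Added example (not from the article): a toy encrypt-then-MAC channel
standing in for what HTTPS/VPN tunnels provide. Keystream and tag both come
from HMAC-SHA256 (standard library only). SESSION_KEY is a constructed
constant in place of the per-session key real protocols negotiate."""
import hashlib
import hmac
import json
import secrets

SESSION_KEY = b"constructed-32-byte-session-key!"  # constructed for the example
NONCE_LEN, TAG_LEN = 12, 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, used as a toy stream cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext || tag. The tag covers nonce and ciphertext,
    so a change to either is detected by unseal()."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, message: bytes):
    """Return the plaintext, or None if the tag does not verify."""
    if len(message) < NONCE_LEN + TAG_LEN:
        return None
    nonce, ct, tag = message[:NONCE_LEN], message[NONCE_LEN:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


# Constructed transaction from the article's banking scenario.
DEPOSIT = {"from_account": "ACCT-1001", "to_account": "ACCT-2002", "amount": 100}


def cleartext_deposit(deposit: dict) -> bytes:
    """What the deposit looks like on the wire over plain HTTP."""
    return json.dumps(deposit, sort_keys=True).encode()


def send_deposit(key: bytes, deposit: dict) -> bytes:
    """What the deposit looks like on the wire through the encrypted channel."""
    return seal(key, cleartext_deposit(deposit))


def bank_receive(key: bytes, wire: bytes):
    """The bank only acts on a deposit whose tag verifies."""
    plaintext = unseal(key, wire)
    return None if plaintext is None else json.loads(plaintext)


def readable_to_observer(wire: bytes) -> bool:
    """Can an on-path device find any of the deposit's field names in the bytes?"""
    return any(name.encode() in wire for name in DEPOSIT)


def altered_in_transit(wire: bytes) -> bytes:
    """Simulates the manipulation the article describes. Without the key the
    device cannot locate or rewrite the account field, so the most it can do
    is change ciphertext bytes blindly; the tag check then rejects the result."""
    body = bytearray(wire)
    body[NONCE_LEN + 8] ^= 0x01  # flip one bit inside the ciphertext
    return bytes(body)


if __name__ == "__main__":
    wire = send_deposit(SESSION_KEY, DEPOSIT)
    print("HTTP readable:", readable_to_observer(cleartext_deposit(DEPOSIT)))
    print("channel readable:", readable_to_observer(wire))
    print("bank accepts original:", bank_receive(SESSION_KEY, wire))
    print("bank accepts altered:", bank_receive(SESSION_KEY, altered_in_transit(wire)))
```

Note that confidentiality alone would not stop the active case: a stream cipher without a tag lets an in-path device flip ciphertext bits and change the plaintext underneath. The tag, checked before anything is decrypted, is what turns the bank's response into "reject" rather than "deposit to the wrong account".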
Want to join the conversation?
- How do VPNs and HTTPS scramble data?
How does the receiving device know how to unscramble it? (15 votes)
- Howie describes one type of a VPN well, although the use of a VPN without encryption (scrambling data) is instead often called a proxy.
To explain another way, a VPN creates a "private network" over a public network (the Internet). It is virtual because software makes the private network, not physical wires/waves.
The private part comes from techniques from public-key encryption. The idea is that the message sent over the public network is encrypted (locked/scrambled) and can be unscrambled by a receiving device only if possessing the right key. The only people that can see the unscrambled messages are hence those with keys, so the message is "private" without access to a key. In effect, encryption creates a private channel.
Finally, using this private channel, a VPN creates a network, so you have access to many resources. You can imagine:
1) An employee at Khan Academy working remotely to access numerous internal company websites. Khan Academy doesn't want the public internet to see these internal resources, so they use a VPN to create a private network for their employees (I don't know if Khan Academy actually does this, but many companies do).
2) You want to hide your Internet traffic from the public network so that your Internet Service Provider cannot see your activity. So then using Howie's description, you use another computer to forward your Internet activity.
In contrast, HTTPS does not create a private network from the private channel, but rather a private session between two particular endpoints. As a gross oversimplification, the VPN creates a private channel from the sender to many endpoints (1:many) and HTTPS does so from the sender to one endpoint (1:1).
See here for more on how encryption is performed (https://www.khanacademy.org/computing/computers-and-internet/xcae6f4a7ff015e7d:online-data-security/xcae6f4a7ff015e7d:data-encryption-techniques/a/public-key-encryption)
Hope this helps! (27 votes)
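The question above asks how the receiving device knows how to unscramble the data. The added example below (it is not part of this comment thread or the article) shows the standard answer in runnable form: Diffie-Hellman key agreement, in which two devices exchange only public values over the network and each computes the same secret key from its own private value. The prime, generator, device names, and key derivation are constructed for illustration; the prime is deliberately tiny so the code runs instantly, whereas real TLS and VPNs use standardized large groups or elliptic curves and a proper key-derivation function.

```python
"""Added example (not from the comment thread or the article): how two
devices that have never shared a secret end up with the same key. Toy
Diffie-Hellman over a small labelled prime; SHA-256 of the shared value
stands in for a real key-derivation function."""
import hashlib
import secrets

# Toy parameters, for illustration only. Real deployments use standardized
# large groups or elliptic curves; this prime is far too small for real use.
P = 2**127 - 1  # a Mersenne prime (fits in 16 bytes)
G = 3


class Device:
    """One endpoint: keeps a private value, publishes g^private mod p."""

    def __init__(self, name: str):
        self.name = name
        self._private = secrets.randbelow(P - 2) + 1  # never leaves the device
        self.public = pow(G, self._private, P)        # safe to send over the Wi-Fi

    def derive_key(self, peer_public: int) -> bytes:
        """(peer_public)^private mod p is the same number on both sides."""
        shared = pow(peer_public, self._private, P)
        return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def agree_key():
    """Run the exchange and return (laptop_key, server_key, transcript), where
    the transcript is everything an on-path observer gets to see."""
    laptop, server = Device("laptop"), Device("server")
    transcript = [("laptop->server", laptop.public), ("server->laptop", server.public)]
    laptop_key = laptop.derive_key(server.public)
    server_key = server.derive_key(laptop.public)
    return laptop_key, server_key, transcript


def observer_combination(transcript) -> bytes:
    """What an observer can compute from the two public values alone: their
    product mod p, which is g^(a+b), not the shared g^(ab). Without a private
    exponent the observer is left with the discrete-log problem."""
    laptop_public, server_public = transcript[0][1], transcript[1][1]
    return hashlib.sha256(((laptop_public * server_public) % P).to_bytes(16, "big")).digest()


if __name__ == "__main__":
    k_laptop, k_server, seen = agree_key()
    print("keys match:", k_laptop == k_server)
    print("observer saw:", seen)
    print("observer's combination matches:", observer_combination(seen) == k_laptop)
```

This is the "how does the receiver know" step: after the exchange both ends hold the same key without it ever having been sent, and the symmetric encryption used for the rest of the session (the scrambling the article mentions) runs under that key.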
- Does this mean I should wave goodbye to working on my computer at the coffee shop? (6 votes)
- No, you don't have to. You just have to exercise caution while working on public coffee shop internet and NOT send any sensitive information (PII) like passwords, credit card numbers, etc. on websites that do not have HTTPS encryption. If you depend on working at the coffee shop, however, it would probably be a good idea to get a VPN like [links removed]. However, if you have access to private internet with a password and good security (home wifi) that only you/your family uses, just use that. Try not to use public wifi whenever you feel like it. (6 votes)
- Can attackers use my home router to create a rogue access point? If so, how can I protect myself? (4 votes)
- Based on what I have observed, cybercriminals usually create rogue access points at more public places like a cafe or an airport instead of a home.
Nonetheless, it is possible, and recommended solutions include
1) monitoring the active devices on a home network via the router web interface occasionally
2) ensuring the home router has up-to-date software
3) using anti-virus software to check the security of new networks that devices connect to
Hope this helps! (7 votes)
- If you were at a hotel, would the same thing apply? (3 votes)
- Yes, I believe so.
Always ask what the hotel internet network name is before connecting to the network. (9 votes)
- If I log onto a banking website and the hacker knows my password, can he/she change it? (2 votes)
- Hey BekaParker,
Not usually. Online banking sites almost always have a mandatory multi-factor authentication (MFA) policy, so not only would someone with your password not be likely to be able to change your password (without your phone), but it's unlikely they would even be able to gain access to your account. There are more cyber threats than ever, but a few layers of caution render 90% of them useless.
Hope this helps,
- How do I get a virus off? (4 votes)
- Is it always a physical device in the network that creates a rogue point? (3 votes)
- Yes, it will need an antenna and some electronics to send and receive data, so it must be a physical device. (2 votes)
- How does HTTPS actually work? (2 votes)
- HTTP is the protocol that enables the transfer of data over the internet, allowing users to access websites and other online resources.
You can think of it being the middleman between your computer and the server. HTTP sends the request of you trying to access "https://www.khanacademy.org/computing/computers-and-internet/xcae6f4a7ff015e7d:online-data-security/xcae6f4a7ff015e7d:cyber-attacks/a/rogue-access-points-mitm-attacks", and the server sends back the data of this website.
- So should we ever use free data? (2 votes)
- Well, you can, but if you see duplicates, then contact the owner. I would recommend not using it, or, if you want to, using a VPN with it.
Hope it helps. If you still have questions, feel free to ask. (2 votes)
- A rogue access point is a wireless access point that has been installed on a secure network without explicit authorization from a local network administrator. (2 votes)