Wifi Security and Safe Browsing PDF

Summary

This document provides an overview of WiFi security and safe browsing practices. It discusses the risks associated with unsecured WiFi networks, including public WiFi, and offers advice on how to protect yourself online.

Full Transcript

NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

SECTION 5: Notes

WIFI SECURITY AND SAFE BROWSING

In this section, you will learn the following:

How to safely use a WiFi network

VPN networks

Web Exploits

Safe Browsing

Cookies

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 84 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

WIFI Notes

WIFI is a form of wireless connection to the internet. However,
like any connection to the internet, it includes some unique
threats.

These risks include:
Using unsecured WIFI connections and Public WIFI
Using untrusted hotspots and “Evil Twins”
Using default or weak WIFI passwords

Risk Factors

A big risk factor is that every user within the network who has
the correct login details can connect to it. That makes the
wireless connection itself highly vulnerable to eavesdropping.

Intruders can intercept large amounts of sensitive data sent
through the network, such as passwords and emails.

Penetrating a WiFi network also benefits hackers allowing them
to install malware into the network that can infect all computers
on that network.

Public WIFI

These are the most dangerous type of WiFi networks.
Unsecured WiFi connection is a network that doesn’t require a
password and doesn’t encrypt the traffic inside it. Most of the
time these connections are provided as a service for customers
like in an airport terminal.

Although many of these networks have been upgraded and now
require a password and support encryption, there are still those
that remain unsecured.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 85 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

Notes

False Hotspots

Hotspots are physical locations where people obtain Internet
access, typically using Wi-Fi technology. Today almost every
computer or smartphone can set up a hotspot.

This feature enables many hackers to conduct simple but very
harmful cyber-attacks. The most common method used by
hackers is to set up a hotspot and make it look legitimate, for
example, by naming it “free WiFi” to lure innocent users.

Once these users connect to the hotspot, all of the unencrypted
data that they send and receive is available to the hacker.

Be careful with the networks you choose to connect to.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 86 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

Notes

The Evil Twin

In this similar, but more targeted method, the hacker sets up a
hotspot that mimics the properties of a nearby wireless network
to target a specific group of users and lure them to connect to
his network instead of the original network.

Then, the hacker can intercept information and credentials that
are being sent through the network. The hacker can also exploit
the connection for redirecting the user's browser requests
through contagious websites, thus infecting the users with
malicious software.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 87 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

Protecting the WiFi Network

Protected or closed WiFi networks require a password, but like
Notes
an email password, it’s important to ensure you are using a
good password. Otherwise unwanted users can enter the
network and exploit the connection.

Once hackers are in the network they can access unencrypted
information and alter router settings.

Another form of a Wi-Fi targeted attack is Wi-Fi Jamming which
results in a DoS. There are several ways to jam a wireless
network. One method is flooding an AP (Access Point),
overwhelming the network, and preventing legitimate
transmissions from getting through.

This form of attack could benefit a hacker who's trying to get
users to connect to his false network or a hacker who is working
for a business that is jamming its competitors’ Wi-Fi signal.

One of the simplest ways to protect yourself online is using
the HTTPS protocol. HTTPS stands for Hypertext Transfer
Protocol Secure. This protocol is used to communicate across
the networks in an encrypted way. Just make sure you add https
before any website you enter, especially on public WiFi, and you
will be a lot safer online.

Your router’s Setup Interface password is also something we
should be concerned about.

The router’s Setup Interface or Admin Interface is where you
control your router’s properties such as the name and password
for your network. It requires a different password than your Wi-Fi
password and, unfortunately, it is usually set to default values.

Hacking to the router’s interface can allow hackers to take
control over the router and perform malicious activities, such
as DNS Hijacking that can redirect innocent users to fake
phishing websites.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 88 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

How to Protect Yourself Notes

Use password protected WiFi networks.
Don’t use easy to crack passwords in your network and
make sure you change the default password of the
router’s interface.
Don’t reveal your password to unwanted users.
Make sure you don’t submit sensitive details without
encryption.
Use other protection mechanisms such as a VPN (next
slide).

VPN

What is a VPN

What is a VPN? First, it’s the acronym for Virtual Private
Network. This is probably one of the most useful and common
methods of securing our information online. VPN is a private,
closed and usually encrypted network that works inside other
networks such as the Internet.

It enables remote users to encrypt data that is sent and received
across shared or public networks. It is as if all the computing
devices were directly connected to the private network.

The motives behind cyber-crimes vary: profit, commercial
espionage and politics. Today there is even cyber-terrorism with
the main purpose of causing alarm and panic.

How does a VPN work?

All the other users of a network communicate with the internet
using the infrastructure of a VPN server. The entire
communication uses a strong encryption that only the users of
the VPN can decrypt. The server directs the data to the right
users in the network.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 89 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

Notes

Why use a VPN?
Firstly, it keeps your information safe by using strong encryption
that only you and other users of the network can decrypt.
Second, it keeps your connection private by directing your
browsing and your data through private servers. By doing that
no one, except the VPN users, can access the network and see
what you’re doing.

Additionally, a VPN keeps your identity secret by hiding your IP
address behind the VPN servers’ IP address.
VPN also allows users to bypass geographical limitations by
browsing through servers located in various locations around
the world. A good example is users who live outside the United
States use a VPN to watch American content on Netflix.

Setting up a VPN

As you probably don’t have a VPN server in your home, you will
need to find another way to connect to a VPN.

The most preferred option would be to connect to a VPN
provided by your employer or company. It also allows you to
communicate with other devices connected to the VPN, like
printers and servers in your office. You need to get the VPN’s
information from your employer or IT expert to connect to this
kind of VPN.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 90 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

Web Exploits Notes

Browsers like Internet Explorer, Google Chrome and Firefox
allow us to use essential services such as mailing, research,
financial actions, and much more.

But web browsers are also one of the most common attack
vectors in the cyber-world. Web browser-attacks can be divided
into three different categories:
User targeted attacks
Web application targeted attacks
Browser targeted attacks

The weakest link in the Chain is human activity. One of the most
common and most effective types of Web browser attacks is
to exploit the human factor.
By deceiving and manipulating innocent users, hackers can
persuade users to work against themselves. Probably the best
example would be a Web site that convinces users to download
files that seem innocent but contain malicious software.

Phishing

Phishing is another common attack aimed against users that
targets the user’s personal data. These kind of attacks will try to
persuade users to fill out forms with their personal data (like
passwords or credit card details) in order to use them later on.

Cross Site Scripting

Cross Site Scripting is one of the most known type of attack,
a.k.a XSS. This kind of attack mostly exploits web apps that
allow users to submit content into the application visible to all
Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 91 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

other users, such as guest photos or comments. The attacker Notes
can submit content to a web app that contains malicious
code. That way, the hacker may cause users to download
malware.

Cross Site Request Forgery
Cross Site Request Forgery is a different type of attack related
to Web applications. This attack forces users to execute
unwanted actions on a Web app. Like money transfer of
submitting information. The malicious script can be planted
inside Web sites, links, emails, etc.
The attacker needs to plan the attack in a way that the user will
execute the malicious script only when logged in to the
application exploiting the fact that the user have already logged
into the application.

Add-ons and Plug-ins

Add-ons and Plug-ins are software that run alongside the Web
browser that add specific features to the browser.

Common add-ons and plugins are Adobe Flash Player or
Security Plugins. Experienced hackers can lure users into Web
sites that contain malicious code hidden inside the content.

This code will tell users they need to download a plugin (for
instance if a video isn’t working), which will cause them to
download malware.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 92 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

Blacklists

There are sites, such as “malwaredomainlist.com” that blacklists Notes
infected sites. These tools are partially effective, given that the
virus writers know of these sites. So once exposed, they move
their malware to a new website.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 93 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

Safe Browsing Notes

So now that we are sufficiently scare of every web site that
exists, let’s learn how to use the internet in a safe and secure
way.

And don’t worry, these are simpler than you expect.

HTTPS

Just like in safe WIFI browsing, the HTTPS protocol symbol in a
website means that the HTTP communication protocol used by
the site is safe and encrypted with the TSL encryption protocol.

Simply ensuring that there’s an HTTPS before the URL (website
address) is a big step in the right direction.

Cookies

Did you ever notice you don’t have to enter your password
every time you access your email? Well, you have cookies to
thank.
Cookies are small, often encrypted text files that are located in
browser directories. They are to assist users navigate the web
site more efficiently and perform complex functions. This
property takes place the next time the user returns to the same
Web site and thus the Web site can recognize it.

If you’ve been paying attention, you can probably guess what
the problem is already.

If cookies contain your login information, than they contain a key
to infiltrating your accounts and to identity login. The cookies
themselves are not malware, but like children, hackers love
cookies.

Using Cookies Safely

Here are a few guidelines for safely using cookies:
Customize your browser's cookie settings to suit your
needs regarding cookie security.
If you don’t mind the use of cookies, and you are the only
person using your computer, you may want to set long
expiration time frames for storing your personal access
information and browsing history.
If you share access on your computer, you may want to
set your browser to clear private browsing data every time
you close your browser. this option lets you access cookie-
Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 94 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

based Web sites while deleting any sensitive Notes
information after your browsing session.

Advances Tools

Let’s go over some advanced tools for safe browsing. Some of
these are more applicable than others, and you don’t have to
use all of them all the time, but they are all good to know.

Google Safe Browsing

Google Safe Browsing is a blacklist service that provides lists
of URLs that contain malware or phishing content.
It is connected to Chrome, Safari and Firefox web browsers that
use the lists from the Google Safe Browsing service
automatically. Google also sends email alerts to Internet service
providers regarding threats hosted on their networks.

My WOT

My WOT, short for “Web Of Trust”, is a website reputation
service that helps Internet users know whether to trust a website
or not.

It collects ratings and reviews for websites and generates a
review. It's a browser add-on that automatically checks the
rating of every website.

AdBlock

“AdBlock” is a content filtering and ad blocking extension for
Chrome, Safari and Opera web browsers. It allows users to
prevent ads from being displayed.

Since advertising is one of the most common business models
used on the Internet, there are websites that recognize this kind
of extension and prevent users from seeing the information they
offer until the extension is disabled.

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 95 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

WIFI SECURITY AND SAFE BROWSING QUIZ Notes

Answer the following questions:

1. When shopping online, what should be the best practice
for submitting your payment details online (such as using
credit card details, a PayPal account, etc.)?
A. Only submit your payment details on trusted websites
using the HTTPS protocol.
B. Only submit your payment details on trusted websites,
regardless if they use an HTTPS or HTTP protocol.
C. Never submit your payment details online. Hackers
can intercept the connection and use your information.
D. Only submit your payment details via the email
address provided in the "Contact Us" section.

2. You have a couple of hours to kill at the airport and you
need to use the WiFi connection. Which of the following
tools is considered the most secure, while using a public
WiFi network?
A. Google Incognito
B. A complex 10 digit password with capital and lower
case, numbers and symbols
C. Connecting regularly while checking Wi-Fi security
settings
D. VPN

3. You realize that your computer is experiencing slow
connections after visiting a certain website. Which of the
following is a tool that can be used to detect malicious
activity in a suspected website?

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 96 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

A. Adblock Notes

B. WOT
C. Antivirus
D. The websites IP

4. In XSS:
A. The hacker submits content containing malicious code
into the app for other users to load
B. The hacker sets up an innocent looking website
containing an invisible interconnected page
C. Vulnerabilities of the web browser itself and some of its
add-ons and plug-ins are being exploited
D. The hacker targets the user’s personal data by
persuading users to fill out forms containing their
personal data

5. What are cookies?
A. Text files created by a browser for customization and
efficiency purposes
B. Fragments of malware that leak through the firewall as
it tries to infect your computer
C. Leftovers of malware infection that leave their tracks on
your hard drive
D. Some sort of a virus

6. Clickjacking is a form of:
A. Browser-targeted attack
B. Cross Site Request Forgery
C. Web application-targeted attack
D. User-targeted attack

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 97 of 126
LHUB_ver1.1
 NICF - Cybersecurity Awareness
Programme (SF)
Learner’s Guide

Notes
7. Cross Site Request Forgery is:
A. A clickjacking technique commonly used on social
networks
B. Executing unwanted actions in a currently
authenticated app
C. Exploiting vulnerabilities of the web browser itself
D. A form of user targeted attack

Copyright © 2020 NTUC LearningHub Pte Ltd. © Cybint Solutions. All rights reserved
Page 98 of 126
LHUB_ver1.1