Wi-Fi security

Wi-Fi security is of crucial importance, as wireless networks can be subject to various types of attack. Two main aspects play a central role here: the SSID (Service Set Identifier), as the display name of the Wi-Fi network, and the encryption technologies.

Dangers of Wi-Fi networks

SSID spoofing, also known as “Evil Twin” attacks, pose a significant threat to the security of Wi-Fi networks. In this type of attack, an attacker creates a fake Wi-Fi network with the same SSID (Service Set Identifier) as a legitimate network. This can lead to various security problems:

  1. Data interception

    Once a user connects to the spoofed network, the attacker can intercept the traffic between the user device and the internet. This allows the attacker to steal sensitive information such as passwords, credit card details and personal data.

  2. Man-in-the-Middle attacks (MITM)

    By setting up an Evil Twin network, an attacker can position themselves as an intermediary between the user and the actual internet service. In this position, the attacker can intercept and manipulate data and even send fake information or malware to the user device.

  3. Phishing

    Attackers can create fake login interfaces that resemble those of well-known services to trick users into revealing their credentials. Because the network appears legitimate, users may be more willing to enter their information.

  4. Network access

    By connecting to a fake network, an attacker can also potentially gain access to the user's device and use it for further attacks, e.g. to access stored files, install malware or execute ransomware.

Security measures

To protect yourself from SSID spoofing and Evil Twin attacks, you should take the following security measures:

  • Be careful with public Wi-Fi networks: Be sceptical of public Wi-Fi networks, especially if there are several networks with similar or identical names, and only use encrypted Wi-Fi networks (recognizable by the additional lock symbol).
  • Use of VPNs: A VPN (Virtual Private Network) encrypts your Internet traffic, which improves the protection of your data even when connected to a dangerous network.
  • Verification of authenticity: If possible, check the authenticity of the network before you connect, e.g. by asking the staff at the IT Service Center. It is particularly important to check the authenticity of the university's “Eduroam” Wi-Fi network so that you do not fall victim to an Evil Twin attack.
  • Deactivate the automatic connection: Deactivate the function on your devices that automatically establishes a connection to known networks, as this prevents your device from establishing a connection to a fake network unnoticed.
  • Update the security settings: Make sure that your devices and software are always up to date to close known security gaps.

By following these tips, you can reduce the risk of falling victim to SSID spoofing and other wireless security threats.